Tough Ratings, Tougher Sell: How Different Types of Adjustment Affect Managers’ Asymmetric Algorithm Use in Performance Evaluation Judgments

This paper analyzes the relations between knowledge, control and organizational structure both in the market system as a whole and in private organizations. Limitations on the mental capacity of the human mind and the costs of producing and transferring knowledge means that knowledge relevant to all decisions can never be collected in the mind of a single individual or a small body of experts. This means that if the knowledge valuable to a particular decision is to be used in making that decision, there must be a system for partitioning out decision rights to individuals who already have the relevant knowledge and abilities or who can acquire or produce them at the lowest cost. Self interest on the part of individual decision-makers means a control system is required to motivate individuals with the decision rights and the relevant knowledge to use those decision rights appropriately. This control problem is solved in a capitalist economy by a system of alienable property rights.Alienable rights cannot generally solve the control problem in firms, and the assignment of decision rights in firms does not generally include the assignment of alienability. Indeed, this is one of the major distinctions between firms and markets. The inalienability of rights within an organization means control problems must be solved by alternative means. Organizations solve these problems by establishing what we define to be the Organizational Rules of the Game that provide:(1) a system for partitioning decision rights out to agents in the organization,(2) a performance measurement and evaluation system, and (3) a reward and punishment systemThe inherent inefficiency of organizational control systems as compared to alienability means firms cannot survive unless they provide other offsetting advantages such as economies of scale, scope or riskbearing.

The paper presents a comparative performance evaluation of typical constructions of authenticated key exchange protocols using asymmetric and/or symmetric cryptography. The protocols are implemented using JAKE, a lightweight Java frame-work for prototype implementation and experimental analysis of secure-channel protocols, including attacks and performance evaluation. JAKE uses the standard library of cryptographic classes included in OpenJDK. The experiments were carried out for different cryptographic algorithms and security levels. The comparative analysis demonstrates the important performance gains achieved by switching from Finite-Field Cryptography (FFC) to Elliptic-Curve Cryptography (ECC), for Diffie-Hellman (DH) key agreement, signatures, and public-key certificates. The algorithms based on ECC reduce substantially the performance gap between authentication using symmetric cryptography and pre-shared secret keys (faster, but with limited applications) and authentication using asymmetric cryptography and public-key certificates. They also show a substantial performance degradation from 128-bit to 192-bit or 256-bit security, so the security level should be adjusted according to application requirements.

Although traditional asymmetric algorithm along with its implementations are successful in keeping important documents confidential, it uses only one private key. This research proposes the loose asymmetric (LA) algorithm to satisfy requirement of generating many access keys. Each access key is granted to only one user. This demand is real because a group of members needs to retrieve same documents but each member requires confidentiality in access. Because implementation of LA algorithm is complicated, I also propose two schemes of how to deploy LA algorithm. The research is a proposal because I do not make experiment on LA algorithm yet.

We provide the first empirical evidence of the role that calibration committees play in subjective performance evaluation systems. Using proprietary data from a large multinational organization, we begin by showing that calibration committees adjust ratings sparingly (i.e., 25% adjustment rate), but when they do, downward adjustments are significantly more frequent and of greater magnitude than upward adjustments. Calibration committees tend to downward (upward) adjust ratings of supervisors who give higher (lower) than average initial ratings. Taken together, calibration committees improve the consistency of ratings across supervisors and mitigate leniency bias, but exacerbate centrality bias. We also show that calibration committees facilitate the appropriate allocation of decision rights by deferring rating decisions to supervisors who possess a relatively greater information advantage. That is, calibration committees are less likely to adjust the rating of a subordinate who is further removed from committee members in the organizational hierarchy. Finally, we show that calibration committees promote supervisor learning about organizational performance rating expectations through calibration adjustments. This study contributes to the literature on performance evaluation by providing new insights regarding the organizational dynamics of subjective performance evaluation systems when decision rights span hierarchical levels of the organization. This paper was accepted by Suraj Srinivasan, accounting.

Introduction. Widespread use of unmanned aerial vehicles in the civilian and military spheres requires the development of new algorithms for identification friend or foe of targets, as used in the Armed Forces of Ukraine (AFU) devices of the "Parol" system are designed to service approximately 110 objects military equipment. AFU automation systems allow the use of additional sources of information about various objects from civil or special data transmission networks, which can be the basis for building a networked multi-level system of state recognition. Predictions of the development of quantum computers foresee the possibility of breaking modern algorithms for information security in polynomial time in the next 5-10 years, which requires the development and implementation of new encryption algorithms and revision of modern parameters. The purpose of the article is to develop a new algorithm for state recognition of objects, which can be scaled to process the required number of manned and unmanned aerial vehicles. Potential threats to classical cryptographic protection algorithms for data networks, which will result in the execution of algorithms such as Grover and Shore on quantum computers, were also discussed. Results. The article proposes a new multilevel algorithm of state recognition based on modern cryptographic methods of information protection, which allows to perform reliable automated identification of objects, scale systems using data on potential targets from other sources through secure special networks. Grover's search algorithm does not give a strong increase in key search performance for symmetric encryption algorithms, so there is no need to increase the key lengths for this type of information security algorithms. Post-quantum asymmetric encryption algorithms require additional study and comprehensive testing of information security or increasing the key lengths of cryptographic algorithms, which corresponds to the number of qubits, i.e. more than twice. The most promising is the family of asymmetric post-quantum cryptographic algorithms based on supersingular isogenic elliptic curves. Conclusions. The developed algorithm of identification friend or foe of objects is more secure compared to existing algorithms and is focused on the use of modern on-board computers and programmable radio modems. Shore's algorithm and the like will be a significant threat to modern asymmetric cryptography algorithms when the number of qubits of quantum computers exceeds the number of bits in public keys more than twice. Keywords: identification friend or foe, symmetric encryption, asymmetric cryptography, quantum computer, post-quantum cryptography.

This paper deals with the implementation of Algorithms and tools for the security of academic data protection in the Democratic Republic of Congo. It consists principally in implementing two algorithms and two distinct tools to secure data and in this particular case, academic data of higher and university education in the Democratic Republic of Congo. The design of algorithms meets the approach that any researcher in data encryption must use during the development of a computer system. Briefly, these algorithms are steps to follow to encrypt information in any programming language. These algorithms are based on symmetric and asymmetric encryptions, the first one uses Christopher Hill's algorithm, which uses texts in the form of matrices before they are encrypted and RSA as one of the asymmetric algorithms, which uses the prime numbers that we have encoded on more than 512 bits. As for tools, we have developed them in php which is only a programming language taken as an example because it is impossible to use all of them. The tools implemented are based on the algorithms of Caesar, Christopher Hill and RSA showing how the encryption operations are carried out thanks to graphical interfaces. They are only tools for pedagogical reasons to help students and other researchers learn how to use developed algorithms. We have not developed them for pleasure but rather used them in any information system, which would prevent and limit unauthorized access to computer systems. They will not be used only for the management of academic fees but for any other information system, which explains and shows the complexity of the tools developed. We have not been able to solve the problems of versions for the developed prototype, because if there is a new version later, some functions may be obsolete, which would constitute the limitation of these tools. This work targets primarily the Ministry of Higher Education and Universities, which will make these results their own and implement them in order to solve the problem of intrusions, unauthorized access to developers and researchers who will use tools already made instead of thinking about their development. We are trying to demonstrate the steps and the methodology that allowed us to reach our results, in the following lines.

This paper deals with the implementation of algorithms and tools for the security of academic data protection in the Democratic Republic of the Congo. It consists principally in implementing two algorithms and two distinct tools to secure data and in this particular case, academic data of higher and university education in the Democratic Republic of the Congo. The design of algorithms meets the approach that any researcher in data encryption must use during the development of a computer system. Briefly, these algorithms are steps to follow to encrypt information in any programming language. These algorithms are based on symmetric and asymmetric encryption, the first one uses Christopher Hill’s algorithm, which uses texts in the form of matrices before they are encrypted and RSA as one of the asymmetric algorithms, it uses the prime numbers that we have encoded on more than 512 bits. As for tools, we have developed them in php which is only a programming language taken as an example because it is impossible to use all of them. The tools implemented are based on the algorithms of Caesar, Christopher Hill, and RSA showing how the encryption operations are carried out thanks to graphical interfaces. They are only tools for pedagogical reasons to help students and other researchers learn how to use developed algorithms. We have not developed them for pleasure but rather to be used in any information system, which would prevent and limit unauthorized access to computer systems. They will not be used only for the management of academic fees but for any other information system, which explains and shows the complexity of the tools developed. We have not been able to solve the problems of versions for the developed prototype, because if there is a new version later some functions may be obsolete, which would constitute the limitation of these tools. This work targets primarily the Ministry of Higher Education and Universities, which will make these results its own and implement them in order to solve the problem of intrusions, and unauthorized access to developers and researchers who will use tools already made instead of thinking about their development. We are trying to demonstrate the steps and the methodology that allowed us to reach our results, in the following lines.

Using proprietary data from the internal audit department of a large multinational organization, we provide the first empirical evidence of the role that “calibration committees” play in subjective performance evaluation systems. Specifically, we examine how distributional properties of ratings, supervisor rating credibility, and structural characteristics of the calibration process influence the likelihood, direction, and magnitude of calibration committee adjustments to supervisors’ subjective ratings of subordinate auditors. We find that calibration committees make adjustments that remove inter-rater differences in the distribution of initial ratings, but have asymmetric preferences for the downward adjustment of relatively higher ratings versus the upward adjustment of relatively lower ratings. In doing so, calibration committees mitigate leniency bias, while exacerbating centrality bias. Contrary to expectation, we find no association between calibration committee adjustments and our proxies for the credibility of supervisor ratings. However, we do find that committee adjustments are decreasing in the hierarchical distance between the committee and the subordinate auditor being rated, consistent with the theoretical prediction that decision rights are optimally collocated with the decision-maker possessing the greatest relevant knowledge. We also find that adjustments are less likely when the rating supervisor serves on the committee. This study contributes to the literature on subjective performance evaluation by providing novel insights into the organizational dynamics of subjective performance evaluation systems when decision rights span hierarchical levels of the organization.

Implementations of asymmetric key algorithm have been threatened via timing side channels due to the behavior of the underlying branch predictors. However, the effect of faults on such predictors and the consequences thereof on the security of crypto-algorithms have not been studied. Motivated by the fact that unknown branch predictors of standard processors bear a strong correlation with 2-bit dynamic predictors, this paper develops a formal analysis of such a bimodal predictor under the effect of faults. Assuming a popular bit-flip fault model, the analysis shows that differences of branch misses under the effect of such faults can be exploited to attack implementations of RSA-like asymmetric key algorithms, based on square and multiplication operations. Furthermore, these attacks can be also threatening against Montgomery ladder of CRT-RSA (RSA implemented using Chinese Remainder Theorem) and even against fault attack countermeasures which stop or randomize the output in case of a fault. The theoretical claims have been substantiated by detailed fault simulations, where the difference of branch misses has been observed using the “perf” tool in Linux.

We consider security properties of cryptographic protocols, that are either trace properties (such as confidentiality or authenticity) or equivalence properties (such as anonymity or strong secrecy). Infinite sets of possible traces are symbolically represented using deducibility constraints. We give a new algorithm that decides the trace equivalence for the traces that are represented using such constraints, in the case of signatures, symmetric and asymmetric encryptions. Our algorithm is implemented and performs well on typical benchmarks. This is the first implemented algorithm, deciding symbolic trace equivalence.

Information security has been of great use in various civilian and defence domains. However, the arduous procedures involved in securely establishing a common key lead to asymmetric-key encryption. The high computational needs of asymmetric-key encryption process made them impractical to be used for real-world applications. The proliferation of low-cost, high-performance computing through GPGPUs made many applications with high-performance requirements feasible to implement and use in real-world applications. A successful attempt has been made to implement RSA algorithm using GPGPU and the results are presented in this paper.

Smart card technology has already widely used in Indonesia. Security threat on smart card is growing rapidly, therefore more security is needed. Ironically, Indonesia as one of the smart card most users very dependent on foreign technology and haven't built its own smart card architecture. This paper presents KRISNA, a cryptoprocessor architecture for national smart card. KRISNA has an ability to maintain the runtime of the smart card operation system by using 8051 architectural system as the main control. KRISNA uses a selection of lightweight implementation of cryptograpyc algorithm that can be implemented in smart card environment system. KRISNA has BC3 64-bit as symmetric cryptography, ECC 233-bit as asymmetric cryptography, WELL 2 <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">512</sup> as pseudo random number generator and also SHA256 as hash function. KRISNA also accelerates the communication between the main controller and the coprocessor by implementing instruction buffer and shared memory controller.

Modern digital communication relies heavily on cryptographic protection to ensure data integrity and privacy. In order to deploy state-of-the art cryptographic primitives and protocols in real-world scenarios, one needs to highly optimize software for both speed and security. This requires careful choices of high-level cryptographic parameters, low-level optimization of software on the assembly level for a given microarchitecture and the subtle interactions between high-level and low-level optimizations. This thesis considers three examples of cryptographic primitives and describes software implementations of these primitives that set new speed records. The Advanced Encryption Standard (AES) is one of the most widely used symmetric cryptographic primitives. The traditional implementation approach for AES is based on table lookups. While software based on this approach still achieves best performance for a variety of 32-bit and 64-bit architectures, it is usually vulnerable to cache-timing attacks. Another implementation approach for AES is the bitslicing technique. Not only is software based on this approach inherently protected against cache-timing attacks, on some microarchitectures it even achieves better performance. Elliptic-curve cryptography is the current state of the art of asymmetric cryptography. For elliptic-curve Di??e-Hellman key exchange, Bernstein proposed the Curve25519 function. Several speed-record-setting implementations of this function have been developed for a variety of architectures. Optimizing Curve25519 software for the Synergistic Processor Units of the Cell Broadband Engine is a particularly interesting challenge because the small integer multipliers of this architecture do not seem to make it the best-suited platform for public-key cryptography. Another use of elliptic curves in cryptography is in the construction of cryptographic pairings. In order to make pairings fast and secure, very special elliptic curves|so-called pairing-friendly curves|are required. For cryptographic pairings on the 128-bit security level Barreto-Naehrig curves of size about 256 bits are the best choice. Optimizing pairing software is more complex than optimizing, e.g., elliptic-curve Di??e-Hellman key-exchange software. The reason is that pairings involve multiple computation steps and multiple mathematical structures. A choice of parameters considering only some of these steps or structures is likely to incur high performance penalties in the other steps or structures. Evaluating the security of cryptographic primitives requires cryptanalytic effort. In many ways optimizing cryptanalytic algorithms is similar to optimizing cryptographic primitives: Careful choices of high-level algorithmic parameters such as a Pollard rho iteration function need to be combined with low-level software optimization. A major di??erence when optimizing cryptanalytic algorithms is the high degree of parallelism that requires additional under-standing in optimizing parallel algorithms and in network protocols. This thesis considers two cryptanalytical applications with very di??erent performance bottlenecks and optimization requirements. Pollard's rho algorithm is the best known algorithm to solve the elliptic-curve discrete-logarithm problem for most prime-order elliptic curve groups. Large instances of this problem, such as Certicom's challenge ECC2K130 considered in this thesis, are usually solved using a parallel version of Pollard's rho algorithm, which uses a client-server approach. The e??ciency of this approach is mainly determined by the speed of the iteration function, which runs on all clients independently in parallel. A cryptanalytical algorithm with signi??cantly more complex parallelization requirements isWagner's tree algorithm. This algorithm involves a huge amount of data for cryptographically relevant inputs; each byte of data needs to be loaded and stored several times. In a parallel environment with distributed storage data cannot be kept local: each byte also needs to be sent various times over the network. The implementation of Wagner's tree algorithm to find a collision in the toy version FSB48 of the SHA-3 round-1 candidate FSB on a cluster of 8 computers with a total of 5.5 TB of distributed storage demonstrates techniques to apply this algorithm in storage-restricted environments.

Due to severe power and timing constraints of the in the Internet of things (IoT), cryptography is expensive for these devices. Custom hardware provides a viable solution. However, implementations of cryptographic algorithms in the devices need to be upgraded frequently compared to the longevity of these things. Therefore, there is a critical need for reconfigurable, low-power and high-performance cryptography implementations for IoT devices. In this paper, we propose to use an FPGA as the reconfigurable substrate for cryptographic operations. We demonstrate our proposed approach on a Zedboard, which has two ARM cores and a Zynq FPGA. The implemented cryptographic algorithms include symmetric cryptography, asymmetric cryptography, and secure hash functions. We also integrate our cryptographic engines with the OpenSSL library to inherit the library's support for block cipher modes. Our approach shows that the FPGA-based reconfigurable cryptographic components consume between 1.8× and 4033× less energy and run between 1.6× and 2983× faster than the software implementation. At the same time, the FPGA implementation of cryptographic operations is more flexible compared to custom hardware implementations of cryptographic components.

Nowadays, cyber-physical systems (CPS) are omnipresent in our daily lives and are increasingly used to process confidential data. While the variety of portable devices we use excessively at home and at work is steadily increasing, their security vulnerabilities are often not noticed by the user. Therefore, portable devices such as wearables are becoming more and more interesting for adversaries. Additionally, the increasing functionalities like internet capabilities, cameras, microphones, GPS trackers and other senor devices make them an interesting target for hacking. Furthermore, such CPS devices are often deployed in unsupervised and untrusted environments raising the question about privacy and security to a crucial topic. Thus, a robust and secure software design is required for the implementation of cryptographic communication protocols and encryption algorithms. In our opinion, Software-Patterns have proven to be an efficient way to support the development of such systems. Therefore, we will present patterns for solving the issue of Man-in-the-middle attacks. The presented patterns provide generic guidance on how to establish secure communication channels based on symmetric and / or asymmetric cryptography. Further, a selection graph is presented which helps to find the appropriate pattern in a specific context.