Downgradable Identity-Based Signatures and Trapdoor Sanitizable Signatures from Downgradable Affine MACs

Affine message authentication code (AMAC) (CRYPTO\u2714) is a group-based MAC with a specific algebraic structure. Downgradable AMAC (DAMAC) (CT-RSA\u2719) is an AMAC with a functionality that we can downgrade a message with an authentication tag while retaining validity of the tag. In this paper, we revisit DAMAC for two independent applications, namely downgradable identity-based signatures (DIBS) and trapdoor sanitizable signatures (TSS) (ACNS\u2708). DIBS are the digital signature analogue of downgradable identity-based encryption (CT-RSA\u2719), which allow us to downgrade an identity associated with a secret-key. In TSS, an entity given a trapdoor for a signed-message can partially modify the message while keeping validity of the signature. We show that DIBS can be generically constructed from DAMAC, and DIBS can be transformed into (wildcarded) hierarchical/wicked IBS. We also show that TSS can be generically constructed from DIBS. By instantiating them, we obtain the first wildcarded hierarchical/wicked IBS and the first invisible and/or unlinkable TSS. Moreover, we prove that DIBS are equivalent to not only TSS, but also their naive combination, named downgradable identity-based trapdoor sanitizable signatures

Tightly Secure Hierarchical Identity-Based Encryption

We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme based on standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014). At the core of our constructions is a novel randomization technique that enables us to randomize user secret keys for identities with flexible length. The security reductions of previous HIBEs lose at least a factor of Q, which is the number of user secret key queries. Different to that, the security loss of our schemes is only dependent on the security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellman assumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. We have two tightly secure constructions, one with constant ciphertext size, and the other with tighter security at the cost of linear ciphertext size. Among other things, our schemes imply the first tightly secure identity-based signature scheme by a variant of the Naor transformation

Security architecture for law enforcement agencies

In order to carry out their duty to serve and protect, law enforcement agencies (LEAs) must deploy new tools and applications to keep up with the pace of evolving technologies. However, police information and communication technology (ICT) systems have stringent security requirements that may delay the deployment of these new applications, since necessary security measures must be implemented first. This paper presents an integrated security architecture for LEAs that is able to provide common security services to novel and legacy ICT applications, while fulfilling the high security requirements of police forces. By reusing the security services provided by this architecture, new systems do not have to implement custom security mechanisms themselves, and can be easily integrated into existing police ICT infrastructures. The proposed LEA security architecture features state-of-the-art technologies, such as encrypted communications at network and application levels, or multifactor authentication based on certificates stored in smart cards.Web of Science7517107321070

Secure Data Aggregation in Wireless Sensor Networks. Homomorphism versus Watermarking Approach

International audienceWireless sensor networks are now in widespread use to monitor regions, detect events and acquire information. Since the deployed nodes are separated, they need to cooperatively communicate sensed data to the base station. Hence, transmissions are a very energy consuming operation. To reduce the amount of sending data, an aggregation approach can be applied along the path from sensors to the sink. However, usually the carried information contains confidential data. Therefore, an end-to-end secure aggregation approach is required to ensure a healthy data reception. End-to-end encryption schemes that support operations over cypher-text have been proved important for private party sensor network implementations. These schemes offer two main advantages: end-to-end concealment of data and ability to operate on cipher text, then no more decryption is required for aggregation. Unfortunately, nowadays these methods are very complex and not suitable for sensor nodes having limited resources. In this paper, we propose a secure end-to-end encrypted-data aggregation scheme. It is based on elliptic curve cryptography that exploits a smaller key size. Additionally, it allows the use of higher number of operations on cypher-texts and prevents the distinction between two identical texts from their cryptograms. These properties permit to our approach to achieve higher security levels than existing cryptosystems in sensor networks. Our experiments show that our proposed secure aggregation method significantly reduces computation and communication overhead and can be practically implemented in on-the-shelf sensor platforms. By using homomorphic encryption on elliptic curves, we thus have realized an efficient and secure data aggregation in sensor networks. Lastly, to enlarge the aggregation functions that can be used in a secure wireless sensor network, a watermarking-based authentication scheme is finally proposed

A hierarchical key pre-distribution scheme for fog networks

Security in fog computing is multi-faceted, and one particular challenge is establishing a secure communication channel between fog nodes and end devices. This emphasizes the importance of designing efficient and secret key distribution scheme to facilitate fog nodes and end devices to establish secure communication channels. Existing secure key distribution schemes designed for hierarchical networks may be deployable in fog computing, but they incur high computational and communication overheads and thus consume significant memory. In this paper, we propose a novel hierarchical key pre-distribution scheme based on “Residual Design” for fog networks. The proposed key distribution scheme is designed to minimize storage overhead and memory consumption, while increasing network scalability. The scheme is also designed to be secure against node capture attacks. We demonstrate that in an equal-size network, our scheme achieves around 84% improvement in terms of node storage overhead, and around 96% improvement in terms of network scalability. Our research paves the way for building an efficient key management framework for secure communication within the hierarchical network of fog nodes and end devices. KEYWORDS: Fog Computing, Key distribution, Hierarchical Networks

Adaptive Oblivious Transfer and Generalization

International audienceOblivious Transfer (OT) protocols were introduced in the seminal paper of Rabin, and allow a user to retrieve a given number of lines (usually one) in a database, without revealing which ones to the server. The server is ensured that only this given number of lines can be accessed per interaction, and so the others are protected; while the user is ensured that the server does not learn the numbers of the lines required. This primitive has a huge interest in practice, for example in secure multi-party computation, and directly echoes to Symmetrically Private Information Retrieval (SPIR). Recent Oblivious Transfer instantiations secure in the UC framework suf- fer from a drastic fallback. After the first query, there is no improvement on the global scheme complexity and so subsequent queries each have a global complexity of O(|DB|) meaning that there is no gain compared to running completely independent queries. In this paper, we propose a new protocol solving this issue, and allowing to have subsequent queries with a complexity of O(log(|DB|)), and prove the protocol security in the UC framework with adaptive corruptions and reliable erasures. As a second contribution, we show that the techniques we use for Obliv- ious Transfer can be generalized to a new framework we call Oblivi- ous Language-Based Envelope (OLBE). It is of practical interest since it seems more and more unrealistic to consider a database with uncontrolled access in access control scenarii. Our approach generalizes Oblivious Signature-Based Envelope, to handle more expressive credentials and requests from the user. Naturally, OLBE encompasses both OT and OSBE, but it also allows to achieve Oblivious Transfer with fine grain access over each line. For example, a user can access a line if and only if he possesses a certificate granting him access to such line. We show how to generically and efficiently instantiate such primitive, and prove them secure in the Universal Composability framework, with adaptive corruptions assuming reliable erasures. We provide the new UC ideal functionalities when needed, or we show that the existing ones fit in our new framework. The security of such designs allows to preserve both the secrecy of the database values and the user credentials. This symmetry allows to view our new approach as a generalization of the notion of Symmetrically PIR