70 research outputs found
Public cloud data auditing with practical key update and zero knowledge privacy
Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user\u27s private auditing key (as well as the authenticators those keys are associated with) without the user\u27s re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticator-evolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy re-signatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the key-updating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal
Protecting the Visual Fidelity of Machine Learning Datasets Using QR Codes
Machine learning is becoming increasingly popular in a variety of modern technology. However, research has demonstrated that machine learning models are vulnerable to adversarial examples in their inputs. Potential attacks include poisoning datasets by perturbing input samples to mislead a machine learning model into producing undesirable results. Such perturbations are often subtle and imperceptible from a human\u27s perspective. This paper investigates two methods of verifying the visual fidelity of image based datasets by detecting perturbations made to the data using QR codes. In the first method, a verification string is stored for each image in a dataset. These verification strings can be used to determine whether an image in the dataset has been perturbed. In the second method, only a single verification string stored and is used to verify whether an entire dataset is intact
Weakened Random Oracle Models with Target Prefix
Weakened random oracle models (WROMs) are variants of the random oracle model
(ROM). The WROMs have the random oracle and the additional oracle which breaks
some property of a hash function. Analyzing the security of cryptographic
schemes in WROMs, we can specify the property of a hash function on which the
security of cryptographic schemes depends. Liskov (SAC 2006) proposed WROMs and
later Numayama et al. (PKC 2008) formalized them as CT-ROM, SPT-ROM, and
FPT-ROM. In each model, there is the additional oracle to break collision
resistance, second preimage resistance, preimage resistance respectively. Tan
and Wong (ACISP 2012) proposed the generalized FPT-ROM (GFPT-ROM) which
intended to capture the chosen prefix collision attack suggested by Stevens et
al. (EUROCRYPT 2007). In this paper, in order to analyze the security of
cryptographic schemes more precisely, we formalize GFPT-ROM and propose
additional three WROMs which capture the chosen prefix collision attack and its
variants. In particular, we focus on signature schemes such as RSA-FDH, its
variants, and DSA, in order to understand essential roles of WROMs in their
security proofs
Improving Air Interface User Privacy in Mobile Telephony
Although the security properties of 3G and 4G mobile networks have
significantly improved by comparison with 2G (GSM), significant shortcomings
remain with respect to user privacy. A number of possible modifications to 2G,
3G and 4G protocols have been proposed designed to provide greater user
privacy; however, they all require significant modifications to existing
deployed infrastructures, which are almost certainly impractical to achieve in
practice. In this article we propose an approach which does not require any
changes to the existing deployed network infrastructures or mobile devices, but
offers improved user identity protection over the air interface. The proposed
scheme makes use of multiple IMSIs for an individual USIM to offer a degree of
pseudonymity for a user. The only changes required are to the operation of the
authentication centre in the home network and to the USIM, and the scheme could
be deployed immediately since it is completely transparent to the existing
mobile telephony infrastructure. We present two different approaches to the use
and management of multiple IMSIs
On the Leakage of Fuzzy Matchers
In a biometric recognition system, the matcher compares an old and a fresh
template to decide if it is a match or not. Beyond the binary output (`yes' or
`no'), more information is computed. This paper provides an in-depth analysis
of information leakage during distance evaluation, with an emphasis on
threshold-based obfuscated distance (\textit{i.e.}, Fuzzy Matcher). Leakage can
occur due to a malware infection or the use of a weakly privacy-preserving
matcher, exemplified by side channel attacks or partially obfuscated designs.
We provide an exhaustive catalog of information leakage scenarios as well as
their impacts on the security concerning data privacy. Each of the scenarios
leads to generic attacks whose impacts are expressed in terms of computational
costs, hence allowing the establishment of upper bounds on the security level.Comment: Minor correction
Directly revocable ciphertext-policy attribute-based encryption from lattices
Attribute-based encryption (ABE) is a promising type of cryptosystem achieving fine-grained access control on encrypted data.
Revocable attribute-based encryption (RABE) is an extension of ABE that provides revocation mechanisms when user\u27s attributes change, key exposure, and so on.
In this paper, we propose two directly revocable ciphertext-policy attribute-based encryption (DR-ABE) schemes from lattices, which support flexible threshold access policies on multi-valued attributes, achieving user-level and attribute-level user revocation, respectively.
Specifically, the revocation list is defined and embedded into the ciphertext by the message sender
to revoke a user in the user-level revocable scheme or revoke some attributes of a certain user in the attribute-level revocable scheme.
We also discuss how to outsource decryption and reduce the workload for the end user.
Our schemes are proved to be secure in the standard model, assuming the hardness of the learning with errors (LWE) problem
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
Trivial Transciphering With Trivium and TFHE
We examine the use of Trivium and Kreyvium as transciphering mechanisms for use with the TFHE FHE scheme. Originally these two ciphers were investigated for FHE transciphering only in the context of the BGV/BFV FHE schemes; this is despite Trivium and Kreyvium being particarly suited to TFHE. Recent work by Dobraunig et al. gave some initial experimental results using TFHE. We show that these two symmetric ciphers have excellent performance when homomorphically evaluated using TFHE. Indeed we improve upon the results of Dobraunig et al. by at least two orders of magnitude in terms of latency. This shows that, for TFHE at least, one can transcipher using a standardized symmetric cipher (Trivium), without the need for special FHE-friendly ciphers being employed. For applications wanting extra security, but without the benefit of relying on a standardized cipher, our work shows that Kreyvium is a good candidate
- …