
    SBVLC:Secure Barcode-based Visible Light Communication for Smartphones

    2D barcodes have enjoyed a significant penetration rate in mobile applications. This is largely due to the extremely low barrier to adoption: almost every camera-enabled smartphone can scan 2D barcodes. As an alternative to NFC technology, 2D barcodes have been increasingly used for security-sensitive mobile applications including mobile payments and personal identification. However, the security of barcode-based communication in mobile applications has not been systematically studied. Due to their visual nature, 2D barcodes are subject to eavesdropping when they are displayed on smartphone screens. On the other hand, the fundamental design principles of 2D barcodes make it difficult to add security features. In this paper, we propose SBVLC, a secure system for barcode-based visible light communication (VLC) between smartphones. We formally analyze the security of SBVLC based on geometric models and propose physical security enhancement mechanisms for barcode communication by manipulating screen view angles and leveraging user-induced motions. We then develop three secure data exchange schemes that encode information in barcode streams. These schemes are useful in many security-sensitive mobile applications including private information sharing, secure device pairing, and contactless payment. SBVLC is evaluated through extensive experiments on both Android and iOS smartphones.

    Coded Merkle Tree: Solving Data Availability Attacks in Blockchains

    In this paper, we propose coded Merkle tree (CMT), a novel hash accumulator that offers a constant-cost protection against data availability attacks in blockchains, even if the majority of the network nodes are malicious. A CMT is constructed using a family of sparse erasure codes on each layer, and is recovered by iteratively applying a peeling-decoding technique that enables a compact proof for data availability attack on any layer. Our algorithm enables any node to verify the full availability of any data block generated by the system by just downloading a Θ(1) byte block hash commitment and randomly sampling Θ(log b) bytes, where b is the size of the data block. With the help of only one connected honest node in the system, our method also allows any node to verify any tampering of the coded Merkle tree by just downloading Θ(log b) bytes. We provide a modular library for CMT in Rust and Python and demonstrate its efficacy inside the Parity Bitcoin client. Comment: To appear in Financial Cryptography and Data Security (FC) 202
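    The abstract above describes the light-client side of the construction: download a constant-size commitment, sample a few random chunks with their inclusion proofs, and reject the block if a sampled chunk is withheld or fails to verify. The following is an added illustration of that sampling protocol over a plain Merkle tree; it is not the paper's CMT library and deliberately omits the erasure-coded layers and peeling decoder that give CMT its constant-cost guarantee. Without the coding, an adversary who hides only a single chunk is caught with probability roughly k/b for k samples, which is exactly the weakness the erasure coding removes: in CMT hiding any part of the data forces the adversary to withhold a constant fraction of the coded symbols. The hash domain separation, chunk sizes, the `FullNode` server model and the sample block are all assumptions made for this example.

```python
# Added example: Merkle data-availability sampling as seen by a light client.
# Not the paper's CMT code; plain (uncoded) Merkle tree only. Assumptions:
# SHA-256 with 0x00/0x01 leaf/node domain separation, fixed 32-byte chunks,
# and a hypothetical FullNode that may withhold or tamper with chunks.
import hashlib
import random


def _h(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def build_tree(chunks):
    """Return the tree as a list of layers; layers[0] are leaf hashes, layers[-1] is [root].
    Odd layers are padded by duplicating the last node (the padding is stored so proofs see it)."""
    layers = [[_h(b"\x00" + c) for c in chunks]]
    while len(layers[-1]) > 1:
        cur = layers[-1]
        if len(cur) % 2:
            cur.append(cur[-1])
        layers.append([_h(b"\x01" + cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return layers


def proof_for(layers, index):
    """Sibling hashes from leaf to root: a Theta(log b)-size inclusion proof."""
    proof = []
    for layer in layers[:-1]:
        proof.append(layer[index ^ 1])
        index //= 2
    return proof


def verify(root, chunk, index, proof):
    """Recompute the path from the chunk up to the committed root."""
    node = _h(b"\x00" + chunk)
    for sib in proof:
        node = _h(b"\x01" + sib + node) if index & 1 else _h(b"\x01" + node + sib)
        index //= 2
    return node == root


class FullNode:
    """Hypothetical block producer: publishes the root, serves chunks on request,
    and may withhold some chunks (data availability attack)."""

    def __init__(self, chunks, withhold=()):
        self.chunks = list(chunks)
        self.layers = build_tree(self.chunks)   # commitment is fixed here
        self.withhold = set(withhold)

    def root(self):
        return self.layers[-1][0]

    def serve(self, index):
        if index in self.withhold:
            return None
        return self.chunks[index], proof_for(self.layers, index)


def sample_availability(node, n_chunks, k, rng):
    """Light client: fetch the Theta(1) root, then k random chunks with proofs.
    Returns (True, None) if all samples verify, else (False, offending_index)."""
    root = node.root()
    for idx in rng.sample(range(n_chunks), k):
        resp = node.serve(idx)
        if resp is None:
            return False, idx          # withheld: treat the block as unavailable
        chunk, proof = resp
        if not verify(root, chunk, idx, proof):
            return False, idx          # tampered: chunk does not match the commitment
    return True, None


def miss_probability(n_chunks, n_withheld, k):
    """Probability that k samples without replacement all land on available chunks,
    i.e. the chance an uncoded tree lets a withholding adversary slip through."""
    p = 1.0
    for i in range(k):
        p *= (n_chunks - n_withheld - i) / (n_chunks - i)
    return p


# Constructed sample block: 64 chunks of 32 bytes (2 KiB), not real chain data.
BLOCK = [bytes([i]) * 32 for i in range(64)]


def demo(seed=1):
    rng = random.Random(seed)
    honest = FullNode(BLOCK)
    cheat = FullNode(BLOCK, withhold=range(48, 64))      # hides a quarter of the block
    tamper = FullNode(BLOCK)
    tamper.chunks[3] = b"\xff" * 32                      # edits data after committing
    return (sample_availability(honest, 64, 8, rng),
            sample_availability(cheat, 64, 64, rng),
            sample_availability(tamper, 64, 64, rng),
            miss_probability(64, 16, 8))


if __name__ == "__main__":
    print(demo())
```

Sampling every chunk (k = 64) in the demo is only there to make the two attack outcomes deterministic; the point of the scheme is that a client samples far fewer than b chunks, and `miss_probability` shows how much room an uncoded tree leaves an adversary at small k.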

    Capacity Theorems for Quantum Multiple Access Channels: Classical-Quantum and Quantum-Quantum Capacity Regions

    We consider quantum channels with two senders and one receiver. For an arbitrary such channel, we give multi-letter characterizations of two different two-dimensional capacity regions. The first region is comprised of the rates at which it is possible for one sender to send classical information, while the other sends quantum information. The second region consists of the rates at which each sender can send quantum information. For each region, we give an example of a channel for which the corresponding region has a single-letter description. One of our examples relies on a new result proved here, perhaps of independent interest, stating that the coherent information over any degradable channel is concave in the input density operator. We conclude with connections to other work and a discussion on generalizations where each user simultaneously sends classical and quantum information. Comment: 38 pages, 1 figure. Fixed typos, added new example. Submitted to IEEE Transactions on Information Theor

    Mobile application for filing of and payment for Intellectual Property Rights using QR code: case of Kenya industrial property institute

    Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Technology (MSIT) at Strathmore University.
    Ensuring secure transmission of sensitive data and payment of transaction fees has been one of the challenges affecting customers and businesses. The Intellectual Property (IP) field is one such area that has faced this challenge. Over the years, IP has grown in importance, attracting greater interest and an increased need by inventors and other IP rights holders to seek protection of their inventions and other IP rights. To ensure protection of these rights, applicants are required to file their applications at IP offices and remit various fees during the examination process, as well as pay an annual maintenance fee for the protection to remain valid. While filing for IP rights, applicants face a security challenge, as their IP data can be intercepted while in transit or be exposed to third parties, thus compromising their inventions. In addition, while making payment of IP fees, they face challenges such as delayed transactions and platform incompatibility. On the other hand, IP offices are susceptible to loss of revenue as a result of less-than-secure payment methods. Hence, this study aimed at establishing how proximity/contactless technology could be incorporated into mobile devices to support secure mobile filing of and payment for IP rights. This research therefore proposed a process to develop a QR code-based mobile application that would facilitate speedy and secure filing and transmission of IP data as well as settlement of payments by IP rights holders to IP offices. Consequently, a functional mobile application that can generate a QR code, post it to a remote server and make a payment by scanning a QR code is presented. Additionally, a simple web page is provided to present the submitted information that has been encoded in QR format. Data collection was achieved by means of questionnaires and review of secondary data sources. The study was conducted in line with ethical practices as specified by the University rules and regulations.

    Zero-Knowledge Proof Systems for QMA

    © 2016 IEEE. Prior work has established that all problems in NP admit classical zero-knowledge proof systems, and under reasonable hardness assumptions for quantum computations, these proof systems can be made secure against quantum attacks. We prove a result representing a further quantum generalization of this fact, which is that every problem in the complexity class QMA has a quantum zero-knowledge proof system. More specifically, assuming the existence of an unconditionally binding and quantum computationally concealing commitment scheme, we prove that every problem in the complexity class QMA has a quantum interactive proof system that is zero-knowledge with respect to efficient quantum computations. Our QMA proof system is sound against arbitrary quantum provers, but only requires an honest prover to perform polynomial-time quantum computations, provided that it holds a quantum witness for a given instance of the QMA problem under consideration

    Biometric Cryptosystems : Authentication, Encryption and Signature for Biometric Identities

    Biometrics have been used for secure identification and authentication for more than two decades, since biometric data is unique, non-transferable, unforgettable, and always with us. Recently, biometrics has pervaded other aspects of security applications that can be listed under the topic of ``Biometric Cryptosystems''. Although the security of some of these systems is questionable when they are used alone, integration with other technologies such as digital signatures or Identity Based Encryption (IBE) schemes results in cryptographically secure applications of biometrics. It is exactly this field of biometric cryptosystems that we focus on in this thesis. In particular, our goal is to design cryptographic protocols for biometrics in the framework of a realistic security model with a security reduction. Our protocols are designed for biometric-based encryption, signature and remote authentication. We first analyze the recently introduced biometric remote authentication schemes designed according to the security model of Bringer et al. In this model, we show that one can improve the database storage cost significantly by designing a new architecture, which is a two-factor authentication protocol. This construction is also secure against the new attacks we present, which disprove the claimed security of remote authentication schemes, in particular the ones requiring a secure sketch. Thus, we introduce a new notion called ``Weak-identity Privacy'' and propose a new construction by combining cancelable biometrics and distributed remote authentication in order to obtain a highly secure biometric authentication system. We continue our research on biometric remote authentication by analyzing the security issues of multi-factor biometric authentication (MFBA). 
    We formally describe the security model for MFBA that captures simultaneous attacks against these systems and define the notion of user privacy, where the goal of the adversary is to impersonate a client to the server. We design a new protocol by combining bipartite biotokens, homomorphic encryption and zero-knowledge proofs and provide a security reduction to achieve user privacy. The main difference of this MFBA protocol is that the server-side computations are performed in the encrypted domain, but without requiring a decryption key for the authentication decision of the server. Thus, leakage of the secret key of any system component does not affect the security of the scheme, as opposed to current biometric systems involving cryptographic techniques. We also show that there is a tradeoff between the security level the scheme achieves and the requirement of making the authentication decision without using any secret key. In the second part of the thesis, we delve into biometric-based signature and encryption schemes. We start by designing a new biometric IBS system that is based on the currently most efficient pairing-based signature scheme in the literature. We prove the security of our new scheme in the framework of a stronger model compared to existing adversarial models for fuzzy IBS, which basically simulates the leakage of partial secret key components of the challenge identity. In accordance with the novel features of this scheme, we describe a new biometric IBE system called BIO-IBE. BIO-IBE differs from the current fuzzy systems in its key generation method, which not only allows a larger set of encryption systems to function for biometric identities, but also provides better accuracy/identification of the users in the system. In this context, BIO-IBE is the first scheme that allows the use of multi-modal biometrics to avoid collision attacks. 
    Finally, BIO-IBE outperforms the current schemes and, for a small universe of attributes, it is secure in the standard model with better efficiency compared to its counterpart. Another contribution of this thesis is the design of biometric IBE systems without using pairings. In fact, current fuzzy IBE schemes are secure under (stronger) bilinear assumptions, and the decryption of each message requires a number of pairing computations almost equal to the number of attributes defining the user. Thus, fuzzy IBE makes error-tolerant encryption possible at the expense of efficiency and security. Hence, we design a completely new construction for biometric IBE based on error-correcting codes, generic conversion schemes and weakly secure anonymous IBE schemes that encrypt a message bit by bit. The resulting scheme is anonymous, highly secure and more efficient than pairing-based biometric IBE, especially in the decryption phase. The security of our generic construction is reduced to the security of the anonymous IBE scheme, which is based on the Quadratic Residuosity assumption. The binding of biometric features to the user's identity is achieved similarly to BIO-IBE, thus preserving the advantages of its key generation procedure.

    Instantaneous Quantum Computation

    We examine theoretic architectures and an abstract model for a restricted class of quantum computation, called here instantaneous quantum computation because it allows for essentially no temporal structure within the quantum dynamics. Using the theory of binary matroids, we argue that the paradigm is rich enough to enable sampling from probability distributions that cannot, classically, be sampled from efficiently and accurately. This paradigm also admits simple interactive proof games that may convince a skeptic of the existence of truly quantum effects. Furthermore, these effects can be created using significantly fewer qubits than are required for running Shor's Algorithm. Comment: Significantly rewritten for clarity, more explanation adde

    Cryptography based on the Hardness of Decoding

    This thesis provides progress in the fields of lattice-based and coding-based cryptography. The first contribution consists of constructions of IND-CCA2 secure public key cryptosystems from both the McEliece assumption and the low-noise learning parity with noise (LPN) assumption. The second contribution is a novel instantiation of the lattice-based learning with errors (LWE) problem which uses uniform errors.

    Time diversity solutions to cope with lost packets

    A dissertation submitted to Departamento de Engenharia Electrotécnica of Faculdade de Ciências e Tecnologia of Universidade Nova de Lisboa in partial fulfilment of the requirements for the degree of Doctor of Philosophy in Engenharia Electrotécnica e de Computadores.
    Modern broadband wireless systems require high throughputs and can also have very high Quality-of-Service (QoS) requirements, namely small error rates and short delays. A high spectral efficiency is needed to meet these requirements. Lost packets, either due to errors or collisions, are usually discarded and need to be retransmitted, leading to performance degradation. An alternative to simple retransmission that can improve both power and spectral efficiency is to combine the signals associated with different transmission attempts. This thesis analyses two time diversity approaches to cope with lost packets that are relatively similar at the physical layer but handle different packet loss causes. The first is a low-complexity Diversity-Combining (DC) Automatic Repeat reQuest (ARQ) scheme employed in a Time Division Multiple Access (TDMA) architecture, adapted for channels dedicated to a single user. The second is a Network-assisted Diversity Multiple Access (NDMA) scheme, which is a multi-packet detection approach able to separate multiple mobile terminals transmitting simultaneously in one slot using temporal diversity. This thesis combines these techniques with Single Carrier with Frequency Division Equalizer (SC-FDE) systems, which are widely recognized as the best candidates for the uplink of future broadband wireless systems. It proposes a new NDMA scheme capable of handling more Mobile Terminals (MTs) than the user separation capacity of the receiver. This thesis also proposes a set of analytical tools that can be used to analyse and optimize the use of these two systems. These tools are then employed to compare both approaches in terms of error rate, throughput and delay performance, taking the implementation complexity into consideration. Finally, it is shown that both approaches represent viable solutions for future broadband wireless communications, complementing each other.
    Fundação para a Ciência e Tecnologia - PhD grant (SFRH/BD/41515/2007); CTS multi-annual funding project PEst-OE/EEI/UI0066/2011, IT pluri-annual funding project PEst-OE/EEI/LA0008/2011, U-BOAT project PTDC/EEATEL/ 67066/2006, MPSat project PTDC/EEA-TEL/099074/2008 and OPPORTUNISTICCR project PTDC/EEA-TEL/115981/200

    Program analysis for android security and reliability

    The recent, widespread growth and adoption of mobile devices have revolutionized the way users interact with technology. As mobile apps have become increasingly prevalent, concerns regarding their security and reliability have gained significant attention. The ever-expanding mobile app ecosystem presents unique challenges in ensuring the protection of user data and maintaining app robustness. This dissertation expands the field of program analysis with techniques and abstractions tailored explicitly to enhancing Android security and reliability. This research introduces approaches for addressing critical issues related to sensitive information leakage, device and user fingerprinting, mobile medical score calculators, as well as termination-induced data loss. Through a series of comprehensive studies and employing novel approaches that combine static and dynamic analysis, this work provides valuable insights and practical solutions to the aforementioned challenges. In summary, this dissertation makes the following contributions: (1) precise identifier leak tracking via a novel algebraic representation of leak signatures, (2) identifier processing graphs (IPGs), an abstraction for extracting and subverting user-based and device-based fingerprinting schemes, (3) interval-based verification of medical score calculator correctness, and (4) identifying potential data losses caused by app termination.
