Key logging Prevention by QR code with Visual Authentication

Keylogging is an activity of capturing users’ keyboard strokes and records the activity of a computer user in a covert manner using key logger hardware and software. The key loggers secretly monitor and log all keystrokes. Unlike other malicious programs, key loggers do not cause any threat to system. But it can be used to intercept passwords and other confidential information entered via the keyboard by considering various root kits residing in PCs (Personnel Computers) that breaches the security. Cyber criminals can get user names, email passwords, PIN codes, account numbers, email addresses, passwords to online gaming accounts, e-payment systems, etc. As a result, it impersonates a user during authentication in financial transactions. To prevent key logging, the strict authentication is required. The QR code can be used to design the visual authentication protocols to achieve high usability and security. The two authentication protocols are Time based One-Time-Password protocol and Password-based authentication protocol. Through accurate analysis, the protocols are proved to be robust to several authentication attacks. And also by deploying these two protocols in real-world applications especially in online transactions, the strict security requirements can be satisfied

Mitigating Blind Signature Attacks Using Daily Updated Quotes (DUQ)

No Abstrac

A Genuine Random Sequential Multi-signature Scheme

The usual sequential multi-signature scheme allows the multi-signers to sign the document with their own information and sequence, and the signature is not real random and secure. The paper analyzes the reasons for the insecurity of the previous multi-signature scheme, and puts forward a Genuine Random Sequential Multi-signature Scheme based on The Waters signature scheme, and the experiment proves that this scheme is a good scheme suitable for the practical application with high computing efficiency

Fair and Decentralized Exchange of Digital Goods

We construct a privacy-preserving, distributed and decentralized marketplace where parties can exchange data for tokens. In this market, buyers and sellers make transactions in a blockchain and interact with a third party, called notary, who has the ability to vouch for the authenticity and integrity of the data. We introduce a protocol for the data-token exchange where neither party gains more information than what it is paying for, and the exchange is fair: either both parties gets the other's item or neither does. No third party involvement is required after setup, and no dispute resolution is needed.Comment: 10 page

Enabling Privacy-preserving Auctions in Big Data

We study how to enable auctions in the big data context to solve many upcoming data-based decision problems in the near future. We consider the characteristics of the big data including, but not limited to, velocity, volume, variety, and veracity, and we believe any auction mechanism design in the future should take the following factors into consideration: 1) generality (variety); 2) efficiency and scalability (velocity and volume); 3) truthfulness and verifiability (veracity). In this paper, we propose a privacy-preserving construction for auction mechanism design in the big data, which prevents adversaries from learning unnecessary information except those implied in the valid output of the auction. More specifically, we considered one of the most general form of the auction (to deal with the variety), and greatly improved the the efficiency and scalability by approximating the NP-hard problems and avoiding the design based on garbled circuits (to deal with velocity and volume), and finally prevented stakeholders from lying to each other for their own benefit (to deal with the veracity). We achieve these by introducing a novel privacy-preserving winner determination algorithm and a novel payment mechanism. Additionally, we further employ a blind signature scheme as a building block to let bidders verify the authenticity of their payment reported by the auctioneer. The comparison with peer work shows that we improve the asymptotic performance of peer works' overhead from the exponential growth to a linear growth and from linear growth to a logarithmic growth, which greatly improves the scalability