2,425 research outputs found
Hidden in the Cloud : Advanced Cryptographic Techniques for Untrusted Cloud Environments
In the contemporary digital age, the ability to search and perform operations on encrypted data has become increasingly important. This significance is primarily due to the exponential growth of data, often referred to as the "new oil," and the corresponding rise in data privacy concerns. As more and more data is stored in the cloud, the need for robust security measures to protect this data from unauthorized access and misuse has become paramount.
One of the key challenges in this context is the ability to perform meaningful operations on the data while it remains encrypted. Traditional encryption techniques, while providing a high level of security, render the data unusable for any practical purpose other than storage. This is where advanced cryptographic protocols like Symmetric Searchable Encryption (SSE), Functional Encryption (FE), Homomorphic Encryption (HE), and Hybrid Homomorphic Encryption (HHE) come into play. These protocols not only ensure the confidentiality of data but also allow computations on encrypted data, thereby offering a higher level of security and privacy.
The ability to search and perform operations on encrypted data has several practical implications. For instance, it enables efficient Boolean queries on encrypted databases, which is crucial for many "big data" applications. It also allows for the execution of phrase searches, which are important for many machine learning applications, such as intelligent medical data analytics. Moreover, these capabilities are particularly relevant in the context of sensitive data, such as health records or financial information, where the privacy and security of user data are of utmost importance.
Furthermore, these capabilities can help build trust in digital systems. Trust is a critical factor in the adoption and use of digital services. By ensuring the confidentiality, integrity, and availability of data, these protocols can help build user trust in cloud services. This trust, in turn, can drive the wider adoption of digital services, leading to a more inclusive digital society.
However, it is important to note that while these capabilities offer significant advantages, they also present certain challenges. For instance, the computational overhead of these protocols can be substantial, making them less suitable for scenarios where efficiency is a critical requirement. Moreover, these protocols often require sophisticated key management mechanisms, which can be challenging to implement in practice. Therefore, there is a need for ongoing research to address these challenges and make these protocols more efficient and practical for real-world applications.
The research publications included in this thesis offer a deep dive into the intricacies and advancements in the realm of cryptographic protocols, particularly in the context of the challenges and needs highlighted above.
Publication I presents a novel approach to hybrid encryption, combining the strengths of ABE and SSE. This fusion aims to overcome the inherent limitations of both techniques, offering a more secure and efficient solution for key sharing and access control in cloud-based systems. Publication II further expands on SSE, showcasing a dynamic scheme that emphasizes forward and backward privacy, crucial for ensuring data integrity and confidentiality. Publication III and Publication IV delve into the potential of MIFE, demonstrating its applicability in real-world scenarios, such as designing encrypted private databases and additive reputation systems. These publications highlight the transformative potential of MIFE in bridging the gap between theoretical cryptographic concepts and practical applications. Lastly, Publication V underscores the significance of HE and HHE as a foundational element for secure protocols, emphasizing its potential in devices with limited computational capabilities.
In essence, these publications not only validate the importance of searching and performing operations on encrypted data but also provide innovative solutions to the challenges mentioned. They collectively underscore the transformative potential of advanced cryptographic protocols in enhancing data security and privacy, paving the way for a more secure digital future
A novel smart contract based blockchain with sidechain for electronic voting
Several countries have been researching digital voting methods in order to overcome the challenges of paper balloting and physical voting. The recent coronavirus disease 2019 (COVID-19) epidemic has compelled the remote implementation of existing systems and procedures. Online voting will ultimately become the norm just like unified payments interface (UPI) payments and online banking. With digital voting or electronic voting (e-voting) a small bug can cause massive vote rigging. E-voting must be honest, exact, safe, and simple. E-voting is vulnerable to malware, which can disrupt servers. Blockchain’s end-to-end validation solves these problems. Three smart contracts-voter, candidate, and voting-are employed. The problem of fraudulent actions is addressed using vote coins. Vote coins indicate voter status. Sidechain technology complements blockchain. Sidechains improve blockchain functionality by performing operations outside of blockchains and delivering the results to the mainchain. Thus, storing the encrypted vote on the sidechain and using the decrypted result on the mainchain reduces cost. Building access control policies to grant only authorized users’ access to the votes for counting is made simpler by this authorization paradigm. Results of the approach depict the proposed e-voting system improves system security against replay attacks and reduces the processing cost as well as processing time
DeVoS: Deniable Yet Verifiable Vote Updating
peer reviewedInternet voting systems are supposed to meet the same high standards as traditional paper-based systems when used in real political elections: freedom of choice, universal and equal suffrage, secrecy of the ballot, and independent verifiability of the election result. Although numerous Internet voting systems have been proposed to achieve these challenging goals simultaneously, few come close in reality.
We propose a novel publicly verifiable and practically efficient Internet voting system, DeVoS, that advances the state of the art. The main feature of DeVoS is its ability to protect voters' freedom of choice in several dimensions. First, voters in DeVoS can intuitively update their votes in a way that is deniable to observers but verifiable by the voters; in this way voters can secretly overwrite potentially coerced votes. Second, in addition to (basic) vote privacy, DeVoS also guarantees strong participation privacy by end-to-end hiding which voters have submitted ballots and which have not. Finally, DeVoS is fully compatible with Perfectly Private Audit Trail, a state-of-the-art Internet voting protocol with practical everlasting privacy. In combination, DeVoS offers a new way to secure free Internet elections with strong and long-term privacy properties
The Fallacy of Systemic Racism in the American Criminal Justice System
Critics of the criminal justice system have repeatedly charged it with systemic racism. It is a tenet of the “war” on the “War on Drugs,” it is a justification used by the so-called “progressive prosecutors” to reject the “Broken Windows” theory of law enforcement, and it is an article of faith of the “Defund the Police!” movement. Even President Joe Biden and his chief lieutenants leveled the same allegation early in this administration. Although the President has eschewed the belief that Americans are a racist people, others have not, proclaiming that virtually anyone who is white is a racist.
Yet, few people have defined what they mean by that term. This Article examines what it could mean and tests the truth of the systemic racism claim under each possible definition. None stands up to scrutiny. One argument is that the American citizens who run our many institutions are motivated by racial animus. But the evidence is that racial animus is no longer tolerated in society, and what is more, the criminal justice system strives to identify it when it does occur and to remedy it. Another argument says that the overtly racist beliefs and practices of the past have created lingering racist effects, but this argument cherry-picks historical facts (when it does not ignore them altogether) and fails to grapple with the country’s historic and ongoing efforts to eliminate racial discrimination. It also assumes a causal relationship between past discrimination and present disparities that is unsupported and often contradicted by the evidence. Yet another argument relies psychological research to claim that white Americans are animated by a subconscious racial animus. That research, however, has been debunked. Still another argument says that the criminal justice system is systemically racist because it has disparate effects across racial groups, but this argument looks only at the offenders’ side of the criminal justice system and fails to consider the effect of the criminal justice system on victims.
Proponents of the systemic racism theory often proffer “solutions” to it. This Article examines those too and finds that many would, in fact, harm the very people they aim to help. In the context of the “War on Drugs,” where so much of the rhetoric is focused, the authors examine these arguments and solutions. The bottom line is this: the claim of systemic racism in the criminal justice system is unjustified
The politics of internet privacy regulation in a globalised world: an examination of regulatory agencies' autonomy, politicisation, and lobbying strategies
The rapid proliferation of new information technologies has not only made internet privacy one of the most pressing issues of the contemporary area, it has also triggered new regulatory challenges because of their cross-border character. This PhD thesis examines the politics of internet privacy regulation at the global level. Existing research has largely investigated the extent to which there is no international privacy regime, when and why data protection regulations in the European Union affect member state laws and trade relations, and how interest groups shape data protection regulations in the EU. Little scholarly attention, however, has been accorded to the decision-making processes and policies produced beyond the legislative arena. Non-legislative and technical modes of policy-making are yet becoming more prominent in global politics. This research focuses on global data protection and internet privacy rules determined by leading, but little-known, internet regulatory agencies, in particular: the Internet Corporation for Assigned Names and Numbers, World Wide Web Consortium, Internet Engineering Task Force, and Institute of Electrical and Electronics Engineers. It investigates three distinct but interconnected questions regarding regulatory agencies' autonomy, politicisation, and interest groups' lobbying strategies. Each of the three questions corresponds to one substantive chapter and makes distinct contributions, using separate theoretical frameworks, methods, and analyses. Taken together, the chapters provide important theoretical arguments and empirical evidence on the making of internet privacy regulation, with a special emphasis on the role of corporate interests
LIPIcs, Volume 251, ITCS 2023, Complete Volume
LIPIcs, Volume 251, ITCS 2023, Complete Volum
Formal Verification of Verifiability in E-Voting Protocols
Election verifiability is one of the main security properties of e-voting protocols, referring to the ability of independent entities, such as voters or election observers, to validate the outcome of the voting process. It can be ensured by means of formal verification that applies mathematical logic to verify the considered protocols under well-defined assumptions, specifications, and corruption scenarios. Automated tools allow an efficient and accurate way to perform formal verification, enabling comprehensive analysis of all execution scenarios and eliminating the human errors in the manual verification. The existing formal verification frameworks that are suitable for automation are not general enough to cover a broad class of e-voting protocols. They do not cover revoting and cannot be tuned to weaker or stronger levels of security that may be achievable in practice. We therefore propose a general formal framework that allows automated verification of verifiability in e-voting protocols. Our framework is easily applicable to many protocols and corruption scenarios. It also allows refined specifications of election procedures, for example accounting for revote policies.
We apply our framework to the analysis of several real-world case studies, where we capture both known and new attacks, and provide new security guarantees. First, we consider Helios, a prominent web-based e-voting protocol, which aims to provide end-to-end verifiability. It is however vulnerable to ballot stuffing when the voting server is corrupt. Second, we consider Belenios, which builds upon Helios and aims to achieve stronger verifiability, preventing ballot stuffing by splitting the trust between a registrar and the server. Both of these systems have been used in many real-world elections. Our third case study is Selene, which aims to simplify the individual verification procedure for voters, providing them with trackers for verifying their votes in the clear at the end of election. Finally, we consider the Estonian e-voting protocol, that has been deployed for national elections since 2005. The protocol has continuously evolved to offer better verifiability guarantees but has no formal analysis. We apply our framework to realistic models of all these protocols, deriving the first automated formal analysis in each case. As a result, we find several new attacks, improve the corresponding protocols to address their weakness, and prove that verifiability holds for the new versions
Consensus Algorithms of Distributed Ledger Technology -- A Comprehensive Analysis
The most essential component of every Distributed Ledger Technology (DLT) is
the Consensus Algorithm (CA), which enables users to reach a consensus in a
decentralized and distributed manner. Numerous CA exist, but their viability
for particular applications varies, making their trade-offs a crucial factor to
consider when implementing DLT in a specific field. This article provided a
comprehensive analysis of the various consensus algorithms used in distributed
ledger technologies (DLT) and blockchain networks. We cover an extensive array
of thirty consensus algorithms. Eleven attributes including hardware
requirements, pre-trust level, tolerance level, and more, were used to generate
a series of comparison tables evaluating these consensus algorithms. In
addition, we discuss DLT classifications, the categories of certain consensus
algorithms, and provide examples of authentication-focused and
data-storage-focused DLTs. In addition, we analyze the pros and cons of
particular consensus algorithms, such as Nominated Proof of Stake (NPoS),
Bonded Proof of Stake (BPoS), and Avalanche. In conclusion, we discuss the
applicability of these consensus algorithms to various Cyber Physical System
(CPS) use cases, including supply chain management, intelligent transportation
systems, and smart healthcare.Comment: 50 pages, 20 figure
Complete Knowledge: Preventing Encumbrance of Cryptographic Secrets
Most cryptographic protocols model a player’s knowledge of secrets in a simple way. Informally, the player knows a secret in the sense that she can directly furnish it as a (private) input to a protocol, e.g., to digitally sign a message.
The growing availability of Trusted Execution Environments (TEEs) and secure multiparty computation, however, undermines this model of knowledge. Such tools can encumber a secret sk and permit a chosen player to access sk conditionally, without actually knowing sk. By permitting selective access to sk by an adversary, encumbrance of secrets can enable vote-selling in cryptographic voting schemes, illegal sale of credentials for online services, and erosion of deniability in anonymous messaging systems.
Unfortunately, existing proof-of-knowledge protocols fail to demonstrate that a secret is unencumbered. We therefore introduce and formalize a new notion called complete knowledge (CK). A proof (or argument) of CK shows that a prover does not just know a secret, but also has fully unencumbered knowledge, i.e., unrestricted ability to use the secret.
We introduce two practical CK schemes that use special-purpose hardware, specifically TEEs and off-the-shelf mining ASICs. We prove the security of these schemes and explore their practical deployment with a complete, end-to-end prototype that supports both. We show how CK can address encumbrance attacks identified in previous work. Finally, we introduce two new applications enabled by CK that involve proving ownership of blockchain assets
- …