Advancing Federated Learning in 6G: A Trusted Architecture with Graph-based Analysis

Integrating native AI support into the network architecture is an essential objective of 6G. Federated Learning (FL) emerges as a potential paradigm, facilitating decentralized AI model training across a diverse range of devices under the coordination of a central server. However, several challenges hinder its wide application in the 6G context, such as malicious attacks and privacy snooping on local model updates, and centralization pitfalls. This work proposes a trusted architecture for supporting FL, which utilizes Distributed Ledger Technology (DLT) and Graph Neural Network (GNN), including three key features. First, a pre-processing layer employing homomorphic encryption is incorporated to securely aggregate local models, preserving the privacy of individual models. Second, given the distributed nature and graph structure between clients and nodes in the pre-processing layer, GNN is leveraged to identify abnormal local models, enhancing system security. Third, DLT is utilized to decentralize the system by selecting one of the candidates to perform the central server's functions. Additionally, DLT ensures reliable data management by recording data exchanges in an immutable and transparent ledger. The feasibility of the novel architecture is validated through simulations, demonstrating improved performance in anomalous model detection and global model accuracy compared to relevant baselines.Comment: Accepted by IEEE Global Communications Conference (GLOBECOM) 202

Novel Secret Sharing and Commitment Schemes for Cryptographic Applications

In the second chapter, the notion of a social secret sharing (SSS) scheme is introduced in which shares are allocated based on a player's reputation and the way she interacts with other parties. In other words, this scheme renews shares at each cycle without changing the secret, and it allows the trusted parties to gain more authority. Our motivation is that, in real-world applications, components of a secure scheme have different levels of importance (i.e., the number of shares a player has) and reputation (i.e., cooperation with other parties). Therefore, a good construction should balance these two factors accordingly. In the third chapter, a novel socio-rational secret sharing (SRS) scheme is introduced in which rational foresighted players have long-term interactions in a social context, i.e., players run secret sharing while founding and sustaining a public trust network. To motivate this, consider a repeated secret sharing game such as sealed-bid auctions. If we assume each party has a reputation value, we can then penalize (or reward) the players who are selfish (or unselfish) from game to game. This social reinforcement stimulates the players to be cooperative in the secret recovery phase. Unlike the existing protocols in the literature, the proposed solution is stable and it only has a single reconstruction round. In the fourth chapter, a comprehensive analysis of the existing dynamic secret sharing (DSS) schemes is first provided. In a threshold scheme, the sensitivity of the secret and the number of players may fluctuate due to various reasons. Moreover, a common problem with almost all secret sharing schemes is that they are ``one-time'', meaning that the secret and shares are known to everyone after secret recovery. We therefore provide new techniques where the threshold and/or the secret can be changed multiple times to arbitrary values after the initialization. In addition, we introduce a new application of dynamic threshold schemes, named sequential secret sharing (SQS), in which several secrets with increasing thresholds are shared among the players who have different levels of authority. In the fifth chapter, a cryptographic primitive, named multicomponent commitment scheme (MCS) is proposed where we have multiple committers and verifiers. This new scheme is used to construct different sealed-bid auction protocols (SAP) where the auction outcomes are defined without revealing the losing bids. The main reason for constructing secure auctions is the fact that the values of the losing bids can be exploited in future auctions and negotiations if they are not kept private. In our auctioneer-free protocols, bidders first commit to their bids before the auction starts. They then apply a decreasing price mechanism to define the winner and selling price in an unconditionally secure setting

Practical Non-interactive Publicly Verifiable Secret Sharing with Thousands of Parties

Non-interactive publicly verifiable secret sharing (PVSS) schemes enables (re-)sharing of secrets in a decentralized setting in the presence of malicious parties. A recently proposed application of PVSS schemes is to enable permissionless proof-of-stake blockchains to ``keep a secret via a sequence of committees that share that secret. These committees can use the secret to produce signatures on the blockchain\u27s behalf, or to disclose hidden data conditioned on consensus that some event has occurred. That application needs very large committees with thousands of parties, so the PVSS scheme in use must be efficient enough to support such large committees, in terms of both computation and communication. Yet, previous PVSS schemes have large proofs and/or require many exponentiations over large groups. We present a non-interactive PVSS scheme in which the underlying encryption scheme is based on the learning with errors (LWE) problem. While lattice-based encryption schemes are very fast, they often have long ciphertexts and public keys. We use the following two techniques to conserve bandwidth: First, we adapt the Peikert-Vaikuntanathan-Waters (PVW) encryption scheme to the multi-receiver setting, so that the bulk of the parties\u27 keys is a common random string. The resulting scheme yields $\Omega(1)$ amortized plaintext/ciphertext rate, where concretely the rate is $\approx 1/60$ for 100 parties, $\approx 1/8$ for 1000 parties, and approaching 1/2 as the number of parties grows. Second, we use bulletproofs over a DL-group of order about 256 bits to get compact proofs of correct encryption/decryption of shares. Alternating between the lattice and DL settings is relatively painless, as we equate the LWE modulus with the order of the group. We also show how to reduce the the number of exponentiations in the bulletproofs by applying Johnson-Lindenstrauss-like compression to reduce the dimension of the vectors whose properties must be verified. An implementation of our PVSS with 1000 parties showed that it is feasible even at that size, and should remain so even with one or two order of magnitude increase in the committee size

Preserving Trustworthiness and Confidentiality for Online Multimedia

Technology advancements in areas of mobile computing, social networks, and cloud computing have rapidly changed the way we communicate and interact. The wide adoption of media-oriented mobile devices such as smartphones and tablets enables people to capture information in various media formats, and offers them a rich platform for media consumption. The proliferation of online services and social networks makes it possible to store personal multimedia collection online and share them with family and friends anytime anywhere. Considering the increasing impact of digital multimedia and the trend of cloud computing, this dissertation explores the problem of how to evaluate trustworthiness and preserve confidentiality of online multimedia data. The dissertation consists of two parts. The first part examines the problem of evaluating trustworthiness of multimedia data distributed online. Given the digital nature of multimedia data, editing and tampering of the multimedia content becomes very easy. Therefore, it is important to analyze and reveal the processing history of a multimedia document in order to evaluate its trustworthiness. We propose a new forensic technique called ``Forensic Hash", which draws synergy between two related research areas of image hashing and non-reference multimedia forensics. A forensic hash is a compact signature capturing important information from the original multimedia document to assist forensic analysis and reveal processing history of a multimedia document under question. Our proposed technique is shown to have the advantage of being compact and offering efficient and accurate analysis to forensic questions that cannot be easily answered by convention forensic techniques. The answers that we obtain from the forensic hash provide valuable information on the trustworthiness of online multimedia data. The second part of this dissertation addresses the confidentiality issue of multimedia data stored with online services. The emerging cloud computing paradigm makes it attractive to store private multimedia data online for easy access and sharing. However, the potential of cloud services cannot be fully reached unless the issue of how to preserve confidentiality of sensitive data stored in the cloud is addressed. In this dissertation, we explore techniques that enable confidentiality-preserving search of encrypted multimedia, which can play a critical role in secure online multimedia services. Techniques from image processing, information retrieval, and cryptography are jointly and strategically applied to allow efficient rank-ordered search over encrypted multimedia database and at the same time preserve data confidentiality against malicious intruders and service providers. We demonstrate high efficiency and accuracy of the proposed techniques and provide a quantitative comparative study with conventional techniques based on heavy-weight cryptography primitives

Cryptographic scheme for group passwords distribution in steganographic systems

This paper proposes a new scheme of passwords distribution for user groups via a hidden communication channel. The previously known models explicitly demonstrated the presence of passwords and cannot be used in any hidden communication channel. The considered model assumes the presence of a coordinator who regulates the composition of the groups and is the source of the overwhelming proportion of messages. The composition of the groups is not known in advance and may change during transmission messages. It is assumed that the data transmitted in a container will consist of two parts: a service part, which contains information about groups and passwords, and a useful part, which contains the target message that encrypted with a group-password. The scheme is based on the Kronecker-Capelli theorem. To find a group password the subscriber-receiver, is included in the group, calculates the product of the roots of a joint system of linear algebraic equations. This system consists of n equations and contains n+1variables. For an outside subscriber, who is not included in the group, the system of equations has not a single solution. A subscriber in the group is able to calculate one variable by a predefined formula. Consequently, the system of equations for such subscriber has the unique solution. The paper describes the processes of changing a composition of groups: creating, adding a participant, removing. The removing users from a group is realized by reuniting members of the old group. The scheme provides the possibility of combining previously created subgroups into large group without significant overhead costs. The proposed scheme can be used in practice by some organization to manage its branches when communicating via hidden data transmission channels

Threat Intelligence in Support of Cyber Situation Awareness

Despite technological advances in the information security field, attacks by unauthorized individuals and groups continue to penetrate defenses. Due to the rapidly changing environment of the Internet, the appearance of newly developed malicious software or attack techniques accelerates while security professionals continue in a reactive posture with limited time for identifying new threats. The problem addressed in this study was the perceived value of threat intelligence as a proactive process for information security. The purpose of this study was to explore how situation awareness is enhanced by receiving advanced intelligence reports resulting in better decision-making for proper response to security threats. Using a qualitative case study methodology a purposeful sample of 13 information security professionals were individually interviewed and the data analyzed through Nvivo 11 analytical software. The research questions addressed threat intelligence and its impact on the security analyst\u27s cognitive situation awareness. Analysis of the data collected indicated that threat intelligence may enhance the security analyst\u27s situation awareness, as supported in the general literature. In addition, this study showed that the differences in sources or the lack of an intelligence program may have a negative impact on determining the proper security response in a timely manner. The implications for positive social change include providing leaders with greater awareness through threat intelligence of ways to minimize the effects of cyber attacks, which may result in increasing business and consumer confidence in the protection of personal and confidential information