2,724 research outputs found
KeyForge: Mitigating Email Breaches with Forward-Forgeable Signatures
Email breaches are commonplace, and they expose a wealth of personal,
business, and political data that may have devastating consequences. The
current email system allows any attacker who gains access to your email to
prove the authenticity of the stolen messages to third parties -- a property
arising from a necessary anti-spam / anti-spoofing protocol called DKIM. This
exacerbates the problem of email breaches by greatly increasing the potential
for attackers to damage the users' reputation, blackmail them, or sell the
stolen information to third parties.
In this paper, we introduce "non-attributable email", which guarantees that a
wide class of adversaries are unable to convince any third party of the
authenticity of stolen emails. We formally define non-attributability, and
present two practical system proposals -- KeyForge and TimeForge -- that
provably achieve non-attributability while maintaining the important protection
against spam and spoofing that is currently provided by DKIM. Moreover, we
implement KeyForge and demonstrate that that scheme is practical, achieving
competitive verification and signing speed while also requiring 42% less
bandwidth per email than RSA2048
Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model
Anonymous broadcast encryption with an untrusted gateway
We propose a verifiable and anonymous broadcast encryption scheme, where an \u27untrusted\u27 gateway can verify incoming communication flows to ensure only the intended anonymous receivers in the target domain can receive them. This scenario is interesting while the privacy of receivers should be considered. The difficulty in this setting is how to achieve both confidentiality of the message and anonymity of receivers during the gateway verification. To achieve this goal, we introduce a new notion of encrypted identity search, which allows the gateway blindly verifies the incoming traffic. Our scheme captures security properties: confidentiality and anonymity against dishonest gateway, corrupted receivers and collusion attacks. We present a concrete construction of gateway-based verifiable and anonymous broadcast encryption system from bilinear pairings, and give its security reduction under the computational assumptions related to bilinear pairings
The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election
In the world's largest-ever deployment of online voting, the iVote Internet
voting system was trusted for the return of 280,000 ballots in the 2015 state
election in New South Wales, Australia. During the election, we performed an
independent security analysis of parts of the live iVote system and uncovered
severe vulnerabilities that could be leveraged to manipulate votes, violate
ballot privacy, and subvert the verification mechanism. These vulnerabilities
do not seem to have been detected by the election authorities before we
disclosed them, despite a pre-election security review and despite the system
having run in a live state election for five days. One vulnerability, the
result of including analytics software from an insecure external server,
exposed some votes to complete compromise of privacy and integrity. At least
one parliamentary seat was decided by a margin much smaller than the number of
votes taken while the system was vulnerable. We also found protocol flaws,
including vote verification that was itself susceptible to manipulation. This
incident underscores the difficulty of conducting secure elections online and
carries lessons for voters, election officials, and the e-voting research
community
On publicly verifiable secret sharing schemes
Secret sharing allows a dealer to distribute shares of a secret to a set of parties such that only so-called
authorised subsets of these parties can recover the secret, whilst forbidden sets gain at most some restricted
amount of information. This idea has been built upon in verifiable secret sharing to allow parties to verify
that their shares are valid and will therefore correctly reconstruct the same secret. This can then be further
extended to publicly verifiable secret sharing by firstly considering only public channels of communication,
hence imposing the need for encryption of the shares, and secondly by requiring that any party be able to
verify any other parties shares from the public encryption.
In this thesis we work our way up from the original secret sharing scheme by Shamir to examples of various
approaches of publicly verifiable schemes. Due to the need for encryption in private communication,
different cryptographic methods allow for certain interesting advantages in the schemes. We review some
important existing methods and their significant properties of interest, such as being homomorphic or
efficiently verifiable. We also consider recent improvements in these schemes and make a contribution
by showing that an encryption scheme by Castagnos and Laguillaumie allows for a publicly verifiable
secret sharing scheme to have some interesting homomorphic properties. To explore further we look at
generalisations to the recently introduced idea of Abelian secret sharing, and we consider some examples
of such constructions. Finally we look at some applications of secret sharing schemes, and present our own
implementation of Schoenmaker’s scheme in Python, along with a voting system on which it is based
- …