Privacy-Constrained Remote Source Coding

We consider the problem of revealing/sharing data in an efficient and secure way via a compact representation. The representation should ensure reliable reconstruction of the desired features/attributes while still preserve privacy of the secret parts of the data. The problem is formulated as a remote lossy source coding with a privacy constraint where the remote source consists of public and secret parts. Inner and outer bounds for the optimal tradeoff region of compression rate, distortion, and privacy leakage rate are given and shown to coincide for some special cases. When specializing the distortion measure to a logarithmic loss function, the resulting rate-distortion-leakage tradeoff for the case of identical side information forms an optimization problem which corresponds to the "secure" version of the so-called information bottleneck.Comment: 10 pages, 1 figure, to be presented at ISIT 201

Physical layer authenticated image encryption for Iot network based on biometric chaotic signature for MPFrFT OFDM system

In this paper, a new physical layer authenticated encryption (PLAE) scheme based on the multi-parameter fractional Fourier transform–Orthogonal frequency division multiplexing (MP-FrFT-OFDM) is suggested for secure image transmission over the IoT network. In addition, a new robust multi-cascaded chaotic modular fractional sine map (MCC-MF sine map) is designed and analyzed. Also, a new dynamic chaotic biometric signature (DCBS) generator based on combining the biometric signature and the proposed MCC-MF sine map random chaotic sequence output is also designed. The final output of the proposed DCBS generator is used as a dynamic secret key for the MPFrFT OFDM system in which the encryption process is applied in the frequency domain. The proposed DCBS secret key generator generates a very large key space of (Formula presented.). The proposed DCBS secret keys generator can achieve the confidentiality and authentication properties. Statistical analysis, differential analysis and a key sensitivity test are performed to estimate the security strengths of the proposed DCBS-MP-FrFT-OFDM cryptosystem over the IoT network. The experimental results show that the proposed DCBS-MP-FrFT-OFDM cryptosystem is robust against common signal processing attacks and provides a high security level for image encryption application. © 2023 by the authors

A multi-candidate electronic voting scheme with unlimited participants

In this paper a new multi-candidate electronic voting scheme is constructed with unlimited participants. The main idea is to express a ballot to allow voting for up to k out of the m candidates and unlimited participants. The purpose of vote is to select more than one winner among $m$ candidates. Our result is complementary to the result by Sun peiyong$'$ s scheme, in the sense, their scheme is not amenable for large-scale electronic voting due to flaw of ballot structure. In our scheme the vote is split and hidden, and tallying is made for $G\ddot{o}del$ encoding in decimal base without any trusted third party, and the result does not rely on any traditional cryptography or computational intractable assumption. Thus the proposed scheme not only solves the problem of ballot structure, but also achieves the security including perfect ballot secrecy, receipt-free, robustness, fairness and dispute-freeness.Comment: 6 page

Quotable Signatures for Authenticating Shared Quotes

Quotable signature schemes are digital signature schemes with the additional property that from the signature for a message, any party can extract signatures for (allowable) quotes from the message, without knowing the secret key or interacting with the signer of the original message. Crucially, the extracted signatures are still signed with the original secret key. We define a notion of security for quotable signature schemes and construct a concrete example of a quotable signature scheme, using Merkle trees and classical digital signature schemes. The scheme is shown to be secure, with respect to the aforementioned notion of security. Additionally, we prove bounds on the complexity of the constructed scheme and provide algorithms for signing, quoting, and verifying. Finally, concrete use cases of quotable signatures are considered, using them to combat misinformation by bolstering authentic content on social media. We consider both how quotable signatures can be used, and why using them could help mitigate the effects of fake news.Comment: 29 pages, 7 figure

Cellular Automata Based Image Authentication Scheme Using Extended Visual Cryptography

Most of the Visual Cryptography based image authentication schemes hide the share and authentication data into cover images by using an additional data hiding process. This process increases the computational cost of the schemes. Pixel expansion, meaningless shares and use of codebook are other challenges in these schemes. To overcome these issues, an authentication scheme is proposed in which no embedding into the cover images is performed and meaningful authentication shares are created using the watermark and cover images. This makes the scheme completely imperceptible. The watermark can be retrieved just by superimposing these authentication shares, thus reducing the computational complexity at receiver's side. Cellular Automata is used to construct the master share that provides self-construction ability to the shares. The meaningful authentication shares help in enhancing the security of the scheme while size invariance saves transmission and storage cost. The scheme possesses the ability of tamper detection. Experimental results demonstrate the improved security and quality of the generated shares of the proposed scheme as compared to existing schemes

Secret-key rates and privacy leakage in biometric systems

In this thesis both the generation of secret keys from biometric data and the binding of secret keys to biometric data are investigated. These secret keys can be used to regulate access to sensitive data, services, and environments. In a biometric secrecy system a secret key is generated or chosen during an enrollment procedure in which biometric data are observed for the first time. This key is to be reconstructed after these biometric data are observed for the second time when authentication is required. Since biometric measurements are typically noisy, reliable biometric secrecy systems also extract so-called helper data from the biometric observation at the time of enrollment. These helper data facilitate reliable reconstruction of the secret key in the authentication process. Since the helper data are assumed to be public, they should not contain information about the secret key. We say that the secrecy leakage should be negligible. Important parameters of biometric key-generation and key-binding systems include the size of the generated or chosen secret key and the information that the helper data contain (leak) about the biometric observation. This latter parameter is called privacy leakage. Ideally the privacy leakage should be small, to prevent the biometric data of an individual from being compromised. Moreover, the secret-key length (also characterized by the secret-key rate) should be large to minimize the probability that the secret key is guessed and unauthorized access is granted. The first part of this thesis mainly focuses on the fundamental trade-off between the secret-key rate and the privacy-leakage rate in biometric secret-generation and secretbinding systems. This trade-off is studied from an information-theoretical perspective for four biometric settings. The first setting is the classical secret-generation setting as proposed by Maurer [1993] and Ahlswede and Csiszár [1993]. For this setting the achievable secret-key vs. privacy-leakage rate region is determined in this thesis. In the second setting the secret key is not generated by the terminals, but independently chosen during enrollment (key binding). Also for this setting the region of achievable secret-key vs. privacy-leakage rate pairs is determined. In settings three and four zero-leakage systems are considered. In these systems the public message should contain only a negligible amount of information about both the secret key and the biometric enrollment sequence. To achieve this, a private key is needed, which can be observed only by the two terminals. Again both the secret generation setting and chosen secret setting are considered. For these two cases the regions of achievable secret-key vs. private-key rate pairs are determined. For all four settings two notions of leakage are considered. Depending on whether one looks at secrecy and privacy leakage separately or in combination, unconditional or conditional privacy leakage is considered. Here unconditional leakage corresponds to the mutual information between the helper data and the biometric enrollment sequence, while the conditional leakage relates to the conditional version of this mutual information, given the secret. The second part of the thesis focuses on the privacy- and secrecy-leakage analysis of the fuzzy commitment scheme. Fuzzy commitment, proposed by Juels and Wattenberg [1999], is, in fact, a particular realization of a binary biometric secrecy system with a chosen secret key. In this scheme the helper data are constructed as a codeword from an error-correcting code, used to encode a chosen secret, masked with the biometric sequence that has been observed during enrollment. Since this scheme is not privacy preserving in the conditional privacy-leakage sense, the unconditional privacy-leakage case is investigated. Four cases of biometric sources are considered, i.e. memoryless and totally-symmetric biometric sources, memoryless and input-symmetric biometric sources, memoryless biometric sources, and stationary and ergodic biometric sources. For the first two cases the achievable rate-leakage regions are determined. In these cases the secrecy leakage rate need not be positive. For the other two cases only outer bounds on achievable rate-leakage regions are found. These bounds, moreover, are sharpened for fuzzy commitment based on systematic parity-check codes. Using the fundamental trade-offs found in the first part of this thesis, it is shown that fuzzy commitment is only optimal for memoryless totally-symmetric biometric sources and only at the maximum secret-key rate. Moreover, it is demonstrated that for memoryless and stationary ergodic biometric sources, which are not input-symmetric, the fuzzy commitment scheme leaks information on both the secret key and the biometric data. Biometric sequences have an often unknown statistical structure (model) that can be quite complex. The last part of this dissertation addresses the problem of finding the maximum a posteriori (MAP) model for a pair of observed biometric sequences and the problem of estimating the maximum secret-key rate from these sequences. A universal source coding procedure called the Context-TreeWeighting (CTW) method [1995] can be used to find this MAP model. In this thesis a procedure that determines the MAP model, based on the so-called beta-implementation of the CTW method, is proposed. Moreover, CTW methods are used to compress the biometric sequences and sequence pairs in order to estimate the mutual information between the sequences. However, CTW methods were primarily developed for compressing onedimensional sources, while biometric data are often modeled as two-dimensional processes. Therefore it is proved here that the entropy of a stationary two-dimensional source can be expressed as a limit of a series of conditional entropies. This result is also extended to the conditional entropy of one two-dimensional source given another one. As a consequence entropy and mutual information estimates can be obtained from CTW methods using properly-chosen templates. Using such techniques estimates of the maximum secret-key rate for physical unclonable functions (PUFs) are determined from a data-set of observed sequences. PUFs can be regarded as inanimate analogues of biometrics