Citizen Electronic Identities using TPM 2.0

Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical security access control. Typical eID tokens take the form of physical smart cards, but successes in merging eID into phone operator SIM cards show that eID tokens integrated into a personal device can offer better usability compared to standalone tokens. At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data have become commonplace both on PC platforms as well as mobile devices. Some time ago, the Trusted Computing Group (TCG) released the version 2.0 of the Trusted Platform Module (TPM) specification. We propose an eID architecture based on the new, rich authorization model introduced in the TCGs TPM 2.0. The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions. We also provide, to the best our knowledge, the first accessible description of the TPM 2.0 authorization model.Comment: This work is based on an earlier work: Citizen Electronic Identities using TPM 2.0, to appear in the Proceedings of the 4th international workshop on Trustworthy embedded devices, TrustED'14, November 3, 2014, Scottsdale, Arizona, USA, http://dx.doi.org/10.1145/2666141.266614

Distributed Random Process for a Large-Scale Peer-to-Peer Lottery

Most online lotteries today fail to ensure the verifiability of the random process and rely on a trusted third party. This issue has received little attention since the emergence of distributed protocols like Bitcoin that demonstrated the potential of protocols with no trusted third party. We argue that the security requirements of online lotteries are similar to those of online voting, and propose a novel distributed online lottery protocol that applies techniques developed for voting applications to an existing lottery protocol. As a result, the protocol is scalable, provides efficient verification of the random process and does not rely on a trusted third party nor on assumptions of bounded computational resources. An early prototype confirms the feasibility of our approach

Privacy-Preserving Electronic Ticket Scheme with Attribute-based Credentials

Electronic tickets (e-tickets) are electronic versions of paper tickets, which enable users to access intended services and improve services' efficiency. However, privacy may be a concern of e-ticket users. In this paper, a privacy-preserving electronic ticket scheme with attribute-based credentials is proposed to protect users' privacy and facilitate ticketing based on a user's attributes. Our proposed scheme makes the following contributions: (1) users can buy different tickets from ticket sellers without releasing their exact attributes; (2) two tickets of the same user cannot be linked; (3) a ticket cannot be transferred to another user; (4) a ticket cannot be double spent; (5) the security of the proposed scheme is formally proven and reduced to well known (q-strong Diffie-Hellman) complexity assumption; (6) the scheme has been implemented and its performance empirically evaluated. To the best of our knowledge, our privacy-preserving attribute-based e-ticket scheme is the first one providing these five features. Application areas of our scheme include event or transport tickets where users must convince ticket sellers that their attributes (e.g. age, profession, location) satisfy the ticket price policies to buy discounted tickets. More generally, our scheme can be used in any system where access to services is only dependent on a user's attributes (or entitlements) but not their identities.Comment: 18pages, 6 figures, 2 table

Best Effort and Practice Activation Codes

Activation Codes are used in many different digital services and known by many different names including voucher, e-coupon and discount code. In this paper we focus on a specific class of ACs that are short, human-readable, fixed-length and represent value. Even though this class of codes is extensively used there are no general guidelines for the design of Activation Code schemes. We discuss different methods that are used in practice and propose BEPAC, a new Activation Code scheme that provides both authenticity and confidentiality. The small message space of activation codes introduces some problems that are illustrated by an adaptive chosen-plaintext attack (CPA-2) on a general 3-round Feis- tel network of size 2^(2n) . This attack recovers the complete permutation from at most 2^(n+2) plaintext-ciphertext pairs. For this reason, BEPAC is designed in such a way that authenticity and confidentiality are in- dependent properties, i.e. loss of confidentiality does not imply loss of authenticity.Comment: 15 pages, 3 figures, TrustBus 201

Trust dynamics for collaborative global computing

Recent advances in networking technology have increased the potential for dynamic enterprise collaborations between an open set of entities on a global scale. The security of these collaborations is a major concern, and requires novel approaches suited to this new environment to be developed. Trust management appears to be a promising approach. Due to the dynamic nature of these collaborations,dynamism in the formation, evolution and exploitation of trust is essential. In this paper we explore the properties of trust dynamics in this context. Trust is formed and evolves according to personal experience and recommendations. The properties of trust dynamics are expressed through a formal model of trust. Specific examples, based on an e-purse application scenario are used to demonstrate these properties

Secure and Transferable Mobile Ticketing Using Digital Rights Managements

The increasingly matured mobile commerce enriches our daily lives. Mobile ticketing, a process that allows consumers to order, make payment, acquire, and authenticate tickets using their mobile phones, will become popular since it can be conducted from anywhere and at anytime. In addition to the convenience of use, the fabrication and distribution costs of traditional paper-tickets can be greatly reduced with mobile tickets. Many applications, such as traffic tickets, concert tickets, movie tickets, and so on, may take the advantages of mobile ticketing. Such tickets, in their paper-forms, can be transferred to anyone before use since no specific identity is recorded in these tickets. Nevertheless, current schemes restrict mobile tickets to be non-transferable because the transferring will result in the tickets being invalidated. To overcome the non-transferability problem, we use the idea of digital rights managements to separate the content and the usage-rules of mobile tickets, and propose a transferrable mobile ticketing scheme. The usage-rule, i.e. the rights object of the ticket, registers the ticket identification and a hashed number comprising an issuer’s random number and the International Mobile Equipment Identity (IMEI) of the ticket owner. The rights object is independently issued by a trusted third party. When a ticket is transferred, the issuer will be notified and he will modify the rights object with a new hash value, computed from a new random number and the IMEI of the new owner who receives the transferred ticket. Therefore, mobile tickets are secured and transferrable in our proposed mobile ticketing scheme

UniquID: A Quest to Reconcile Identity Access Management and the Internet of Things

The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools for people. Conventional identity access management (IAM) frameworks were not designed to handle the challenges of IoT. Trying to use traditional IAM systems to reconcile heterogeneous devices and complex federations of online services (e.g., IoT sensors and cloud computing solutions) adds a cumbersome architectural layer that can become hard to maintain and act as a single point of failure. In this paper, we propose UniquID, a blockchain-based solution that overcomes the need for centralized IAM architectures while providing scalability and robustness. We also present the experimental results of a proof-of-concept UniquID enrolment network, and we discuss two different use-cases that show the considerable value of a blockchain-based IAM.Comment: 15 pages, 10 figure