EasyUC: using EasyCrypt to mechanize proofs of universally composable security
We present a methodology for using the EasyCrypt proof assistant (originally designed for mechanizing the generation of proofs of game-based security of cryptographic schemes and protocols) to mechanize proofs of security of cryptographic protocols within the universally composable (UC) security framework. This allows, for the first time, the mechanization and formal verification of the entire sequence of steps needed for proving simulation-based security in a modular way: specifying a protocol and the desired ideal functionality; constructing a simulator and demonstrating its validity, via reduction to hard computational problems; invoking the universal composition operation and demonstrating that it indeed preserves security. We demonstrate our methodology on a simple example: stating and proving the security of secure message communication via a one-time pad, where the key comes from a Diffie-Hellman key-exchange, assuming ideally authenticated communication. We first put together EasyCrypt-verified proofs that: (a) the Diffie-Hellman protocol UC-realizes an ideal key-exchange functionality, assuming hardness of the Decisional Diffie-Hellman problem, and (b) one-time-pad encryption, with a key obtained using ideal key-exchange, UC-realizes an ideal secure-communication functionality. We then mechanically combine the two proofs into an EasyCrypt-verified proof that the composed protocol realizes the same ideal secure-communication functionality. Although formulating a methodology that is both sound and workable has proven to be a complex task, we are hopeful that it will prove to be the basis for mechanized UC security analyses for significantly more complex protocols and tasks. Accepted manuscript.
A Simplified Hierarchical Dynamic Quantum Secret Sharing Protocol with Added Features
Generalizing the notion of dynamic quantum secret sharing (DQSS), a simplified protocol for hierarchical dynamic quantum secret sharing (HDQSS) is proposed, and it is shown that the protocol can be implemented using any existing protocol of quantum key distribution, quantum key agreement or secure direct quantum communication. The security of this proposed protocol against eavesdropping and collusion attacks is discussed, with specific attention to the issues related to the composability of the subprotocols that constitute the proposed protocol. The security and qubit efficiency of the proposed protocol are also compared with those of other existing protocols of DQSS. Further, it is shown that it is possible to design a semi-quantum protocol of HDQSS and that, in principle, the protocols of HDQSS can be implemented using any quantum state. It is also noted that a completely orthogonal-state-based realization of the HDQSS protocol is possible and that HDQSS can be experimentally realized using a large number of alternative approaches. Comment: 9 pages, 1 figure.
Composable Security in the Bounded-Quantum-Storage Model
We present a simplified framework for proving sequential composability in the quantum setting. In particular, we give a new, simulation-based definition for security in the bounded-quantum-storage model, and show that this definition allows for sequential composition of protocols. Damgard et al. (FOCS '05, CRYPTO '07) showed how to securely implement bit commitment and oblivious transfer in the bounded-quantum-storage model, where the adversary is only allowed to store a limited number of qubits. However, their security definitions only applied to the standalone setting, and it was not clear whether their protocols could be composed. Indeed, we first give a simple attack that shows that these protocols are not composable without a small refinement of the model. Finally, we prove the security of their randomized oblivious transfer protocol in our refined model. Secure implementations of oblivious transfer and bit commitment then follow easily by a (classical) reduction to randomized oblivious transfer. Comment: 21 pages.
Confidential Boosting with Random Linear Classifiers for Outsourced User-generated Data
User-generated data is crucial to predictive modeling in many applications. With a web/mobile/wearable interface, a data owner can continuously record data generated by distributed users and build various predictive models from the data to improve their operations, services, and revenue. Due to the large size and evolving nature of users' data, data owners may rely on public cloud service providers (Cloud) for storage and computation scalability. Exposing sensitive user-generated data and advanced analytic models to Cloud raises privacy concerns. We present a confidential learning framework, SecureBoost, for data owners that want to learn predictive models from aggregated user-generated data but offload the storage and computational burden to Cloud without having to worry about protecting the sensitive data. SecureBoost allows users to submit encrypted or randomly masked data to the designated Cloud directly. Our framework utilizes random linear classifiers (RLCs) as the base classifiers in the boosting framework to dramatically simplify the design of the proposed confidential boosting protocols, yet still preserve the model quality. A Cryptographic Service Provider (CSP) is used to assist the Cloud's processing, reducing the complexity of the protocol constructions. We present two constructions of SecureBoost: HE+GC and SecSh+GC, using combinations of homomorphic encryption, garbled circuits, and random masking to achieve both security and efficiency. For a boosted model, Cloud learns only the RLCs and the CSP learns only the weights of the RLCs. Finally, the data owner collects the two parts to get the complete model. We conduct extensive experiments to understand the quality of the RLC-based boosting and the cost distribution of the constructions. Our results show that SecureBoost can efficiently learn high-quality boosting models from protected user-generated data.
A Secure Multi-Party Computation Protocol Suite Inspired by Shamir’s Secret Sharing Scheme
Today's world is full of secrets. Sometimes we would like to know something about them without revealing our own secrets. For example, someone might be interested in whether they are richer than one of their friends. Governments might want to ensure that their satellites do not collide, but at the same time would not want to share too much information with the outside world about the movements of their strategic satellites. Secure multi-party computation allows parties to jointly compute the values of some function without revealing the inputs. Sharemind is a practical framework for performing secure multi-party computations. In this work, we create a protocol suite for Sharemind. Our protocols are inspired by Shamir's secret sharing, which allows secrets to be divided into pieces. We give algorithms for addition, multiplication and comparison operations, together with the corresponding security proofs. In addition, we compare the performance of the implemented protocols with an already existing protocol suite. The initial complexity and performance results are promising, but there is room for improvement.

The world today is full of secrets. Sometimes, we would like to know something about them without revealing the secrets themselves. For example, whether I have more money than my friend or whether two satellites would collide without publishing their moving trajectories. Secure multi-party computation allows us to jointly compute some functions while keeping the privacy of our inputs. Sharemind is a practical framework for performing secure multi-party computations. In this work, we added a protocol suite to Sharemind. This protocol suite was inspired by Shamir's secret sharing scheme, which describes a way to divide a secret into pieces. We describe algorithms for addition, multiplication, equality-testing and less-than comparison. We also give correctness and security proofs for the protocols. The resulting implementations were compared to an existing protocol suite inspired by additive secret sharing. The initial complexities and benchmarking results are promising, but there is room for improvement.
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both cloud and offline scenarios, and is intended to be deployed and tested in two pilot studies in two different domains, viz. bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy-preserving authentication, and authorisation are reported.
Protecting privacy of users in brain-computer interface applications
Machine learning (ML) is revolutionizing research and industry. Many ML applications rely on the use of large amounts of personal data for training and inference. Among the most intimate exploited data sources is electroencephalogram (EEG) data, a kind of data that is so rich with information that application developers can easily gain knowledge beyond the professed scope from unprotected EEG signals, including passwords, ATM PINs, and other intimate data. The challenge we address is how to engage in meaningful ML with EEG data while protecting the privacy of users. Hence, we propose cryptographic protocols based on secure multiparty computation (SMC) to perform linear regression over EEG signals from many users in a fully privacy-preserving (PP) fashion, i.e., such that each individual's EEG signals are not revealed to anyone else. To illustrate the potential of our secure framework, we show how it allows estimating the drowsiness of drivers from their EEG signals as would be possible in the unencrypted case, and at a very reasonable computational cost. Our solution is the first application of commodity-based SMC to EEG data, as well as the largest documented experiment of secret sharing-based SMC in general, namely, with 15 players involved in all the computations.