How to grant anonymous access
[EN] In this paper, we propose three protocols to share, among a set of N competing entities, the responsibility to grant anonymous access to a resource. The protocols we propose vary in their settings to take into account central or distributed registration. We prove that any subset of guardian authorities can neither tamper with, nor forge, new access-key tokens. Besides, two of the methods we propose are resistant to the eventual appearance of quantum computers. The protocols we propose permit new approaches for cryptographic applications such as electronic voting or blockchain access.
Larriba, AM.; López Rodríguez, D. (2023). How to grant anonymous access. IEEE Transactions on Information Forensics and Security. 18:613-625. https://doi.org/10.1109/TIFS.2022.32265616136251
Pseudonym systems
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1999. Includes bibliographical references (p. 50-52). By Anna Lysyanskaya. S.M.
Spontaneous anonymous group cryptography and its applications.
Fung Kar-Yin. Thesis (M.Phil.)--Chinese University of Hong Kong, 2004. Includes bibliographical references (leaves 72-81). Abstracts in English and Chinese.
Contents:
Abstract
Acknowledgement
Chapter 1 --- Introduction
Chapter 1.1 --- Development of Cryptography
Chapter 1.2 --- Group Cryptography
Chapter 1.3 --- Spontaneous Anonymous Group Signature
Chapter 1.4 --- Blind Signature
Chapter 1.5 --- Blind SAG Signature
Chapter 1.6 --- Organization of This Thesis
Chapter 2 --- Background Study
Chapter 2.1 --- Six Primitives in Cryptography
Chapter 2.1.1 --- Symmetric Encryption
Chapter 2.1.2 --- Asymmetric Encryption
Chapter 2.1.3 --- Digital Signature
Chapter 2.1.4 --- Hash Function
Chapter 2.1.5 --- Digital Certificate
Chapter 2.1.6 --- Proof of Knowledge
Chapter 2.2 --- Euler Totient Function
Chapter 2.3 --- One-Way Function
Chapter 2.3.1 --- One-Way Trapdoor Function
Chapter 2.3.2 --- Discrete Logarithm Problem
Chapter 2.3.3 --- RSA Problem
Chapter 2.3.4 --- Integer Factorization Problem
Chapter 2.3.5 --- Quadratic Residuosity Problem
Chapter 2.3.6 --- Schnorr's ROS assumption
Chapter 2.4 --- Bilinear Pairing
Chapter 2.4.1 --- Weil Pairing
Chapter 2.4.2 --- Tate Pairing
Chapter 2.5 --- Gap Diffie-Hellman Group
Chapter 2.5.1 --- GDH
Chapter 2.5.2 --- Co-GDH
Chapter 2.6 --- Random Oracle Model
Chapter 2.6.1 --- Random Permutation
Chapter 2.6.2 --- Lunchtime Attack
Chapter 2.6.3 --- Back Patch
Chapter 2.6.4 --- Rewind Simulation
Chapter 2.7 --- Generic Group Model
Chapter 3 --- Digital and Threshold Signatures
Chapter 3.1 --- Introduction
Chapter 3.2 --- Notion of Attacks and Security in Signature
Chapter 3.2.1 --- Types of Signatures
Chapter 3.3 --- Threshold Signature
Chapter 3.4 --- Properties in Threshold Signatures
Chapter 4 --- Blind Signature
Chapter 4.1 --- Introduction
Chapter 4.1.1 --- Security Requirements
Chapter 4.2 --- Transferred Proof of Knowledge
Chapter 4.3 --- RSA Based Schemes
Chapter 4.3.1 --- Chaum's RSA Scheme
Chapter 4.3.2 --- Abe's RSA Scheme
Chapter 4.4 --- Discrete Logarithm Based Schemes
Chapter 4.4.1 --- Schnorr Blind Signature
Chapter 4.4.2 --- Okamoto-Schnorr Blind Signature
Chapter 4.5 --- Bilinear Mapping Based Schemes
Chapter 5 --- Spontaneous Anonymous Group Signature
Chapter 5.1 --- Introduction
Chapter 5.2 --- Cramer-Damgard-Schoemaker (CDS) SAG Signature
Chapter 5.2.1 --- (1,n)-CDS type SAG Signature
Chapter 5.2.2 --- (t,n)-CDS type SAG Signature
Chapter 5.3 --- Ring-type SAG Signature Schemes
Chapter 5.3.1 --- Rivest-Shamir-Tauman
Chapter 5.3.2 --- Abe's 1-out-of-n Ring Signature
Chapter 5.4 --- Discussions
Chapter 6 --- Blind SAG Signature
Chapter 6.1 --- Introduction
Chapter 6.2 --- Security Definitions
Chapter 6.2.1 --- Security Model
Chapter 6.3 --- (1,n)-Ring Structured Blind SAG Signature
Chapter 6.3.1 --- Signing Protocol
Chapter 6.3.2 --- Verification Algorithm
Chapter 6.4 --- CDS-type Blind SAG Signature
Chapter 6.4.1 --- (l,n)-CDS-type
Chapter 6.5 --- (t,n)-CDS-type
Chapter 6.5.1 --- Signing Protocol
Chapter 6.5.2 --- Verification Algorithm
Chapter 6.6 --- Security Analysis
Chapter 6.7 --- Applications to Credential System
Chapter 7 --- Conclusion
A
Bibliography
Security, Trust and Privacy (STP) Model for Federated Identity and Access Management (FIAM) Systems
Federated identity and access management systems allow users of a home-domain
organization to access multiple resources (services) in a foreign-domain
organization through web single sign-on. In a federated environment the user is
authenticated at the beginning of an authentication session and is then allowed
to access multiple resources (services) for as long as that session remains active.
In current federated identity and access management systems the main security
concerns are: (1) there is no bidirectional integrity measurement of the machine
platforms in the home-domain organization, (2) integrated authentication (i.e.,
username/password combined with mutual attestation of the home-domain machine
platforms) is not present, and (3) resource (service) authorization in the
foreign-domain organization is not tied to bidirectional attestation of the
home-domain machine platforms.
Distributed Cryptographic Protocols
[ES] Trust is the foundation of modern societies. However, relationships based on trust are difficult to establish and can be exploited
easily with devastating results. In this thesis we explore the use
of distributed cryptographic protocols to build reliable systems
in which trust is replaced by mathematical and cryptographic guarantees. In these new dynamic systems, even if one of the parties
behaves dishonestly, the integrity and resilience of the system
are guaranteed, since mechanisms exist to overcome this kind of
situation. There is therefore a transition from trust-based systems to schemes in which that same trust is decentralized among a
set of individuals or entities. Every member of this set can be
audited, and universal verifiability ensures that all users can
compute the final state of each of these methods without compromising
the individual privacy of the users.
Most of the collaboration problems we face
as a society can be reduced to two great dilemmas: voting on a proposal or on a political representative, or identifying ourselves as
members of a collective with the right to access a resource or service. For
this reason, this doctoral thesis focuses on distributed cryptographic protocols
applied to electronic voting and anonymous identification.
We have developed three electronic voting protocols that complement and improve on the more traditional methods, and that also protect the
privacy of voters while ensuring the integrity of the
voting process. In these systems we have employed different cryptographic
mechanisms that provide, under different assumptions, the security
properties that every voting system must have. Some of these systems are
secure even in post-quantum scenarios. We have also carefully computed the time complexity of the methods to show that they are
efficient and feasible to implement. In addition, we have implemented
some of these systems, or parts of them, and carried out detailed
experimentation to demonstrate the potential of our contributions.
Finally, we study the identification problem in detail and propose three non-interactive, distributed methods that allow anonymous registration
and access. These protocols are especially lightweight and implementation-agnostic,
which allows them to be integrated for multiple purposes. We have formalized and proved the security of our
identification protocols, and we have produced a complete implementation
of them to demonstrate, once again, the feasibility and efficiency of the proposed solutions. Within this theoretical identification framework, we are able
to secure the guarded resource without this entailing a violation of the
anonymity of the users.
[CA] Trust is the foundation of modern societies. However, relationships based on trust are difficult to establish and can be exploited easily with devastating results. In this thesis we explore the use of distributed
cryptographic protocols to build trustworthy systems in which trust is replaced by mathematical and cryptographic guarantees. In
these new dynamic systems, even if one of the parties behaves
dishonestly, the integrity and resilience of the system are guaranteed,
since mechanisms exist to overcome this kind of situation. There is
therefore a transition from trust-based systems to schemes in which
that same trust is decentralized among a set of individuals or
entities. Every member of this set can be audited, and universal verifiability ensures that all users can compute the final state of each
of these methods without compromising the individual privacy of the users.
Most of the collaboration problems we face as
a society can be reduced to two great dilemmas: voting on a proposal or on a
political representative, or identifying ourselves as members
of a collective with the right to access a resource or service. For this reason, this doctoral
thesis focuses on distributed cryptographic protocols applied to electronic
voting and anonymous identification.
We have developed three electronic voting protocols that complement
and improve on the more traditional methods, and that also protect the privacy
of voters while ensuring the integrity of the voting process.
In these systems we have employed different cryptographic mechanisms that
provide, under different assumptions, the security properties that
every voting system must have. Some of these systems are secure even in post-quantum scenarios. We have also carefully computed the time complexity of the methods to show that they are efficient and feasible
to implement. In addition, we have implemented some of these systems, or
parts of them, and carried out detailed experimentation to demonstrate the
potential of our contributions.
Finally, we study the identification problem in detail and propose three non-interactive, distributed methods that allow anonymous registration and
access. These protocols are especially lightweight and implementation-agnostic,
which allows them to be integrated for
multiple purposes. We have formalized and proved the security of our
identification protocols, and we have produced a complete implementation of them
to demonstrate, once again, the feasibility and efficiency of the proposed
solutions. Within this theoretical identification framework, we are able to secure
the guarded resource without this entailing a violation of the anonymity of the
users.
[EN] Trust is the base of modern societies. However, trust is difficult to achieve
and can be exploited easily with devastating results. In this thesis, we explore the use of distributed cryptographic protocols to build reliable systems
where trust can be replaced by cryptographic and mathematical guarantees.
In these adaptive systems, even if one involved party acts dishonestly, the
integrity and robustness of the system can be ensured as there exist mechanisms to overcome these scenarios. Therefore, there is a transition from
systems based on trust to schemes where trust is distributed between decentralized parties. Individual parties can be audited, and universal verifiability
ensures that any user can compute the final state of these methods without
compromising individual users’ privacy.
Most collaboration problems we face as societies can be reduced to two
main dilemmas: voting on a proposal or electing political representatives,
or identifying ourselves as valid members of a collective to access a service
or resource. Hence, this doctoral thesis focuses on distributed cryptographic
protocols for electronic voting and anonymous identification.
We have developed three electronic voting schemes that enhance traditional methods and protect the privacy of electors while ensuring the integrity of the whole election. In these systems, we have employed different
cryptographic mechanisms that fulfill all the desired security properties of
an electronic voting scheme under different assumptions. Some of them are
secure even in post-quantum scenarios. We have provided a detailed time-complexity analysis to prove that our proposed methods are efficient and
feasible to implement. We also implemented some voting protocols, or parts
of them, and carried out meticulous experimentation to show the potential of our contributions.
Finally, we study in detail the identification problem and propose three
distributed and non-interactive methods for anonymous registration and access. These three protocols are especially lightweight and application agnostic, making them feasible to integrate for many purposes. We formally
analyze and demonstrate the security of our identification protocols, and
provide a complete implementation of them to once again show the feasibility and effectiveness of the developed solutions. Using this identification
framework, we can ensure the security of the guarded resource while also
preserving the anonymity of the users.
Larriba Flor, AM. (2023). Distributed Cryptographic Protocols [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/19810
Pseudonymization and its Application to Cloud-based eHealth Systems
Responding to the security and privacy issues of information systems, we propose a novel pseudonym solution. This pseudonym solution has provable security to protect the identities of users by employing user-generated pseudonyms. It also provides an encryption scheme to protect the security of the users’ data stored in the public network. Moreover, the pseudonym solution also provides the authentication of pseudonyms without disclosing the users’ identity information. Thus the dependences on powerful trusted third parties and on the trustworthiness of system administrators may be appreciably alleviated. Electronic healthcare systems (eHealth systems), as one kind of everyday information system, with the ability to store and share patients’ health data efficiently, have to manage information of an extremely personal nature. As a consequence of known cases of abuse and attacks, the security of the health data and the privacy of patients are a great concern for many people and thus become obstacles to the acceptance and spread of eHealth systems. In this thesis, we survey current eHealth systems in both research and practice, analyzing potential threats to security and privacy. Cloud-based eHealth systems, in particular, enable applications with many new features in data storing and sharing. We analyze the new issues on security and privacy when cloud technology is introduced into eHealth systems. We demonstrate that our proposed pseudonym solution can be successfully applied to cloud-based eHealth systems. Firstly, we utilize the pseudonym scheme and encryption scheme for storing and retrieving the electronic health records (EHR) in the cloud. The identities of patients and the confidentiality of EHR contents are provably guaranteed by advanced cryptographic algorithms. Secondly, we utilize the pseudonym solution to protect the privacy of patients from the health insurance companies.
Only necessary information about patients is disclosed to the health insurance companies, without interrupting the current normal business processes of health insurance. At last, based on the pseudonym solution, we propose a new procedure for the secondary use of the health data. The new procedure protects the privacy of patients properly and enables patients’ full control and clear consent over their health data to be secondarily used. A prototypical application of a cloud-based eHealth system implementing our proposed solution is presented in order to exhibit the practicability of the solution and to provide intuitive experiences. Some performance estimations of the proposed solution based on the implementation are also provided.
To remedy certain security and privacy deficits of today's information systems, we present a novel pseudonymization solution that uses user-generated pseudonyms and provably protects the identities of pseudonym holders. Besides pseudonymization, it also includes an encryption scheme to protect the confidentiality of user data when that data is stored publicly. It further offers a procedure for authenticating pseudonyms that works without disclosing user identities. Dependencies on trusted third parties or on trustworthy system administrators can thereby be significantly reduced. Electronic health systems (eHealth systems) are designed to store and provide patient data efficiently. Such data have an extremely high need for protection, and known cases of attacks on data confidentiality through privilege abuse and external attacks have led to concern about the protection of health data and patient identities becoming a major obstacle to the spread and acceptance of eHealth systems.
In this dissertation we examine current eHealth systems in research and practice with regard to possible threats to the security and confidentiality of the stored data. Particular attention is paid to cloud-based eHealth systems, which enable applications with novel concepts for data storage and provision. We analyze the security and confidentiality problems that arise when cloud technology is used in eHealth systems. We show that our pseudonymization solution can be successfully applied to cloud-based eHealth systems. First, the pseudonymization and encryption schemes are used for storing and retrieving electronic health records (EHR) in the cloud. The confidentiality of patient identities and EHR contents is provably guaranteed by the use of modern cryptographic algorithms. Furthermore, we use the pseudonymization solution to protect patients' privacy against health insurance companies. The latter are shown only exactly the patient information needed for the undisturbed operation of their business processes. Finally, we propose a novel procedure for the secondary use of the data stored in the eHealth system, which uses the pseudonymization solution. This procedure offers patients appropriate protection of their privacy and full control over which data are released for secondary use (e.g. for research purposes). A prototypical cloud-based eHealth system implementing the pseudonymization solution is presented in order to demonstrate its practicability and to convey intuitive experience. Furthermore, based on the implementation, some estimates of the performance of the pseudonymization solution are given.