234 research outputs found
An E-voting Protocol Based on Blockchain
Because of the properties such as transparency, decentralization, irreversibility, nonrepudiation, etc., blockchain is not only a fundamental technology of great interest in its own right, but also has large potential when integrated into many other areas. In this paper, based on the blockchain technology, we propose a decentralized e-voting protocol, without the existence of a trusted third party. Furthermore, we provide several possible extensions and improvements that meet the requirements in some specific voting scenarios
Distributed Cryptographic Protocols
[ES] La confianza es la base de las sociedades modernas. Sin embargo, las relaciones basadas en confianza son difíciles de establecer y pueden ser explotadas
fácilmente con resultados devastadores. En esta tesis exploramos el uso
de protocolos criptográficos distribuidos para construir sistemas confiables
donde la confianza se vea reemplazada por garantías matemáticas y criptográficas. En estos nuevos sistemas dinámicos, incluso si una de las partes
se comporta de manera deshonesta, la integridad y resiliencia del sistema
están garantizadas, ya que existen mecanismos para superar este tipo de
situaciones. Por lo tanto, hay una transición de sistemas basados en la confianza, a esquemas donde esta misma confianza es descentralizada entre un
conjunto de individuos o entidades. Cada miembro de este conjunto puede ser
auditado, y la verificación universal asegura que todos los usuarios puedan
calcular el estado final en cada uno de estos métodos, sin comprometer la
privacidad individual de los usuarios.
La mayoría de los problemas de colaboración a los que nos enfrentamos
como sociedad, pueden reducirse a dos grandes dilemas: el votar una propuesta, o un representante político, ó identificarnos a nosotros mismos como
miembros de un colectivo con derecho de acceso a un recurso o servicio. Por
ello, esta tesis doctoral se centra en los protocolos criptográficos distribuidos
aplicados al voto electrónico y la identificación anónima.
Hemos desarrollado tres protocolos para el voto electrónico que complementan y mejoran a los métodos más tradicionales, y además protegen la
privacidad de los votantes al mismo tiempo que aseguran la integridad del
proceso de voto. En estos sistemas, hemos empleado diferentes mecanismos
criptográficos que proveen, bajo diferentes asunciones, de las propiedades de
seguridad que todo sistema de voto debe tener. Algunos de estos sistemas son
seguros incluso en escenarios pos-cuánticos. También hemos calculado minuciosamente la complejidad temporal de los métodos para demostrar que son
eficientes y factibles de ser implementados. Además, hemos implementado
algunos de estos sistemas, o partes de ellos, y llevado a cabo una detallada
experimentación para demostrar el potencial de nuestras contribuciones.
Finalmente, estudiamos en detalle el problema de la identificación y proponemos tres métodos no interactivos y distribuidos que permiten el registro
y acceso anónimo. Estos protocolos son especialmente ligeros y agnósticos
en su implementación, lo que permite que puedan ser integrados con múltiples propósitos. Hemos formalizado y demostrado la seguridad de nuestros
protocolos de identificación, y hemos realizado una implementación completa
de ellos para, una vez más, demostrar la factibilidad y eficiencia de las soluciones propuestas. Bajo este marco teórico de identificación, somos capaces
de asegurar el recurso custodiado, sin que ello suponga una violación para el
anonimato de los usuarios.[CA] La confiança és la base de les societats modernes. No obstant això, les relacions basades en confiança són difícils d’establir i poden ser explotades fàcilment amb resultats devastadors. En aquesta tesi explorem l’ús de protocols
criptogràfics distribuïts per a construir sistemes de confiança on la confiança es veja reemplaçada per garanties matemàtiques i criptogràfiques. En
aquests nous sistemes dinàmics, fins i tot si una de les parts es comporta
de manera deshonesta, la integritat i resiliència del sistema estan garantides,
ja que existeixen mecanismes per a superar aquest tipus de situacions. Per
tant, hi ha una transició de sistemes basats en la confiança, a esquemes on
aquesta acarona confiança és descentralitzada entre un conjunt d’individus o
entitats. Cada membre d’aquest conjunt pot ser auditat, i la verificació universal assegura que tots els usuaris puguen calcular l’estat final en cadascun
d’aquests mètodes, sense comprometre la privacitat individual dels usuaris.
La majoria dels problemes de colůlaboració als quals ens enfrontem com
a societat, poden reduir-se a dos grans dilemes: el votar una proposta, o un
representant polític, o identificar-nos a nosaltres mateixos com a membres
d’un colůlectiu amb dret d’accés a un recurs o servei. Per això, aquesta tesi
doctoral se centra en els protocols criptogràfics distribuïts aplicats al vot
electrònic i la identificació anònima.
Hem desenvolupat tres protocols per al vot electrònic que complementen
i milloren als mètodes més tradicionals, i a més protegeixen la privacitat
dels votants al mateix temps que asseguren la integritat del procés de vot.
En aquests sistemes, hem emprat diferents mecanismes criptogràfics que
proveeixen, baix diferents assumpcions, de les propietats de seguretat que
tot sistema de vot ha de tindre. Alguns d’aquests sistemes són segurs fins i tot en escenaris post-quàntics. També hem calculat minuciosament la complexitat temporal dels mètodes per a demostrar que són eficients i factibles
de ser implementats. A més, hem implementats alguns d’aquests sistemes, o
parts d’ells, i dut a terme una detallada experimentació per a demostrar la
potencial de les nostres contribucions.
Finalment, estudiem detalladament el problema de la identificació i proposem tres mètodes no interactius i distribuïts que permeten el registre i
accés anònim. Aquests protocols són especialment lleugers i agnòstics en
la seua implementació, la qual cosa permet que puguen ser integrats amb
múltiples propòsits. Hem formalitzat i demostrat la seguretat dels nostres
protocols d’identificació, i hem realitzat una implementació completa d’ells
per a, una vegada més, demostrar la factibilitat i eficiència de les solucions
proposades. Sota aquest marc teòric d’identificació, som capaces d’assegurar
el recurs custodiat, sense que això supose una violació per a l’anonimat dels
usuaris.[EN] Trust is the base of modern societies. However, trust is difficult to achieve
and can be exploited easily with devastating results. In this thesis, we explore the use of distributed cryptographic protocols to build reliable systems
where trust can be replaced by cryptographic and mathematical guarantees.
In these adaptive systems, even if one involved party acts dishonestly, the
integrity and robustness of the system can be ensured as there exist mechanisms to overcome these scenarios. Therefore, there is a transition from
systems based in trust, to schemes where trust is distributed between decentralized parties. Individual parties can be audited, and universal verifiability
ensures that any user can compute the final state of these methods, without
compromising individual users’ privacy.
Most collaboration problems we face as societies can be reduced to two
main dilemmas: voting on a proposal or electing political representatives,
or identifying ourselves as valid members of a collective to access a service
or resource. Hence, this doctoral thesis focuses on distributed cryptographic
protocols for electronic voting and anonymous identification.
We have developed three electronic voting schemes that enhance traditional methods, and protect the privacy of electors while ensuring the integrity of the whole election. In these systems, we have employed different
cryptographic mechanisms, that fulfill all the desired security properties of
an electronic voting scheme, under different assumptions. Some of them are
secure even in post-quantum scenarios. We have provided a detailed time-complexity analysis to prove that our proposed methods are efficient and
feasible to implement. We also implemented some voting protocols, or parts
of them, and carried out meticulous experimentation to show the potential of our contributions.
Finally, we study in detail the identification problem and propose three
distributed and non-interactive methods for anonymous registration and access. These three protocols are especially lightweight and application agnostic, making them feasible to be integrated with many purposes. We formally
analyze and demonstrate the security of our identification protocols, and
provide a complete implementation of them to once again show the feasibility and effectiveness of the developed solutions. Using this identification
framework, we can ensure the security of the guarded resource, while also
preserving the anonymity of the users.Larriba Flor, AM. (2023). Distributed Cryptographic Protocols [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/19810
New Conditional Privacy-preserving Encryption Schemes in Communication Network
Nowadays the communication networks have acted as nearly the most important fundamental infrastructure in our human society. The basic service provided by the communication networks are like that provided by the ubiquitous public utilities. For example, the cable television network provides the distribution of information to its subscribers, which is much like the water or gas supply systems which distribute the commodities to citizens. The communication network also facilitates the development of many network-based applications such as industrial pipeline controlling in the industrial network, voice over long-term evolution (VoLTE) in the mobile network and mixture reality (MR) in the computer network, etc. Since the communication network plays such a vital role in almost every aspect of our life, undoubtedly, the information transmitted over it should be guarded properly. Roughly, such information can be categorized into either the communicated message or the sensitive information related to the users. Since we already got cryptographical tools, such as encryption schemes, to ensure the confidentiality of communicated messages, it is the sensitive personal information which should be paid special attentions to. Moreover, for the benefit of reducing the network burden in some instances, it may require that only communication information among legitimated users, such as streaming media service subscribers, can be stored and then relayed in the network. In this case, the network should be empowered with the capability to verify whether the transmitted message is exchanged between legitimated users without leaking the privacy of those users. Meanwhile, the intended receiver of a transmitted message should be able to identify the exact message sender for future communication. In order to cater to those requirements, we re-define a notion named conditional user privacy preservation.
In this thesis, we investigate the problem how to preserve user conditional privacy in pubic key encryption schemes, which are used to secure the transmitted information in the communication networks. In fact, even the term conditional privacy preservation has appeared in existing works before, there still have great differences between our conditional privacy preservation definition and the one proposed before. For example, in our definition, we do not need a trusted third party (TTP) to help tracing the sender of a message. Besides, the verification of a given encrypted message can be done without any secret.
In this thesis, we also introduce more desirable features to our redefined notion user conditional privacy preservation. In our second work, we consider not only the conditional privacy of the message sender but also that of the intended message receiver. This work presents a new encryption scheme which can be implemented in communication networks where there exists a blacklist containing a list of blocked communication channels, and each of them is established by a pair of sender and receiver. With this encryption scheme, a verifier can confirm whether one ciphertext is belonging to a legitimated communication channel without knowing the exact sender and receiver of that ciphertext. With our two previous works, for a given ciphertext, we ensure that no one except its intended receiver can identify the sender. However, the receiver of one message may behave dishonest when it tries to retrieve the real message sender, which incurs the problem that the receiver of a message might manipulate the origin of the message successfully for its own benefit. To tackle this problem, we present a novel encryption scheme in our third work. Apart from preserving user conditional privacy, this work also enforces the receiver to give a publicly verifiable proof so as to convince others that it is honest during the process of identifying the actual message sender. In our forth work, we show our special interest in the access control encryption, or ACE for short, and find this primitive can inherently achieve user conditional privacy preservation to some extent. we present a newly constructed ACE scheme in this work, and our scheme has advantages over existing ACE schemes in two aspects. Firstly, our ACE scheme is more reliable than existing ones since we utilize a distributed sanitizing algorithm and thus avoid the so called single point failure happened in ACE systems with only one sanitizer. Then, since the ciphertext and key size of our scheme is more compact than that of the existing ACE schemes, our scheme enjoys better scalability
Fair Exchange with Guardian Angels
In this paper we propose a new probabilistic Fair Exchange Protocol which requires no central Trusted Third Party. Instead, it relies on a virtually distributed and decentralized Trusted Third Party which is formalized as a Guardian Angel: a kind of Observer e.g. a tamper proof security device. We thus introduce a network model with Pirates and Guardian Angels which is well suited for Ad Hoc networks. In this setting we reduce the Fair Exchange Problem to a Synchronization Problem in which honest parties need to eventually decide whether or not a protocol succeeded in a synchronous way through a hostile network which does not guaranty that sent messages will be eventually received. This problem can be of independent interest in order to add reliability of protocol termination in secure channels
Statistical cryptanalysis of block ciphers
Since the development of cryptology in the industrial and academic worlds in the seventies, public knowledge and expertise have grown in a tremendous way, notably because of the increasing, nowadays almost ubiquitous, presence of electronic communication means in our lives. Block ciphers are inevitable building blocks of the security of various electronic systems. Recently, many advances have been published in the field of public-key cryptography, being in the understanding of involved security models or in the mathematical security proofs applied to precise cryptosystems. Unfortunately, this is still not the case in the world of symmetric-key cryptography and the current state of knowledge is far from reaching such a goal. However, block and stream ciphers tend to counterbalance this lack of "provable security" by other advantages, like high data throughput and ease of implementation. In the first part of this thesis, we would like to add a (small) stone to the wall of provable security of block ciphers with the (theoretical and experimental) statistical analysis of the mechanisms behind Matsui's linear cryptanalysis as well as more abstract models of attacks. For this purpose, we consider the underlying problem as a statistical hypothesis testing problem and we make a heavy use of the Neyman-Pearson paradigm. Then, we generalize the concept of linear distinguisher and we discuss the power of such a generalization. Furthermore, we introduce the concept of sequential distinguisher, based on sequential sampling, and of aggregate distinguishers, which allows to build sub-optimal but efficient distinguishers. Finally, we propose new attacks against reduced-round version of the block cipher IDEA. In the second part, we propose the design of a new family of block ciphers named FOX. First, we study the efficiency of optimal diffusive components when implemented on low-cost architectures, and we present several new constructions of MDS matrices; then, we precisely describe FOX and we discuss its security regarding linear and differential cryptanalysis, integral attacks, and algebraic attacks. Finally, various implementation issues are considered
Improved Classical and Quantum Algorithms for the Shortest Vector Problem via Bounded Distance Decoding
The most important computational problem on lattices is the Shortest Vector
Problem (SVP). In this paper, we present new algorithms that improve the
state-of-the-art for provable classical/quantum algorithms for SVP. We present
the following results. A new algorithm for SVP that provides a smooth
tradeoff between time complexity and memory requirement. For any positive
integer , our algorithm takes time and
requires memory. This tradeoff which ranges from
enumeration () to sieving ( constant), is a consequence of a new
time-memory tradeoff for Discrete Gaussian sampling above the smoothing
parameter.
A quantum algorithm for SVP that runs in time and
requires classical memory and poly(n) qubits. In Quantum Random
Access Memory (QRAM) model this algorithm takes only time and
requires a QRAM of size , poly(n) qubits and
classical space. This improves over the previously fastest classical (which is
also the fastest quantum) algorithm due to [ADRS15] that has a time and space
complexity .
A classical algorithm for SVP that runs in time
time and space. This improves over an algorithm of [CCL18] that
has the same space complexity.
The time complexity of our classical and quantum algorithms are obtained
using a known upper bound on a quantity related to the lattice kissing number
which is . We conjecture that for most lattices this quantity is a
. Assuming that this is the case, our classical algorithm runs in
time , our quantum algorithm runs in time
and our quantum algorithm in QRAM model runs in time .Comment: Faster Quantum Algorithm for SVP in QRAM, 43 pages, 4 figure
How to Subvert Backdoored Encryption: Security Against Adversaries that Decrypt All Ciphertexts
We study secure and undetectable communication in a world where governments
can read all encrypted communications of citizens. We consider a world where
the only permitted communication method is via a government-mandated encryption
scheme, using government-mandated keys. Citizens caught trying to communicate
otherwise (e.g., by encrypting strings which do not appear to be natural
language plaintexts) will be arrested. The one guarantee we suppose is that the
government-mandated encryption scheme is semantically secure against outsiders:
a perhaps advantageous feature to secure communication against foreign
entities. But what good is semantic security against an adversary that has the
power to decrypt?
Even in this pessimistic scenario, we show citizens can communicate securely
and undetectably. Informally, there is a protocol between Alice and Bob where
they exchange ciphertexts that look innocuous even to someone who knows the
secret keys and thus sees the corresponding plaintexts. And yet, in the end,
Alice will have transmitted her secret message to Bob. Our security definition
requires indistinguishability between unmodified use of the mandated encryption
scheme, and conversations using the mandated encryption scheme in a modified
way for subliminal communication.
Our topics may be thought to fall broadly within the realm of steganography:
the science of hiding secret communication in innocent-looking messages, or
cover objects. However, we deal with the non-standard setting of adversarial
cover object distributions (i.e., a stronger-than-usual adversary). We leverage
that our cover objects are ciphertexts of a secure encryption scheme to bypass
impossibility results which we show for broader classes of steganographic
schemes. We give several constructions of subliminal communication schemes
based on any key exchange protocol with random messages (e.g., Diffie-Hellman)
A two authorities electronic vote scheme
[EN] In this paper we propose a new electronic multi-authority voting system based on blind signatures. We focus on the open problem of the efficiency of electronic voting systems. Most of the proposed systems
rely on complex architectures or expensive proofs, in this work we aim to reduce the time-complexity of the voting process, both for the voter and the authorities involved. Our system is focused on simplicity and it is based on the assumption of two unrelated entities. This simplicity makes our approach scalable
and flexible to multiple kinds of elections. We propose a method that limits the number of authorities to only 2 of them; we reduce the overall number of modular operations; and, propose a method which
cut downs the interactions needed to cast a vote. The result is a voting protocol whose complexity scales linearly with the number of votes.Larriba-Flor, AM.; Sempere Luna, JM.; López Rodríguez, D. (2020). A two authorities electronic vote scheme. Computers & Security. 97:1-12. https://doi.org/10.1016/j.cose.2020.101940S11297Bloom, B. H. (1970). Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 13(7), 422-426. doi:10.1145/362686.362692Brams S., Fishburn P.C.. 2007. Approval voting Springer ScienceCarroll, T. E., & Grosu, D. (2009). A secure and anonymous voter-controlled election scheme. Journal of Network and Computer Applications, 32(3), 599-606. doi:10.1016/j.jnca.2008.07.010Chaum, D. L. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 84-90. doi:10.1145/358549.358563Cramer, R., Gennaro, R., & Schoenmakers, B. (1997). A secure and optimally efficient multi-authority election scheme. European Transactions on Telecommunications, 8(5), 481-490. doi:10.1002/ett.4460080506Desmedt, Y. G. (2010). Threshold cryptography. European Transactions on Telecommunications, 5(4), 449-458. doi:10.1002/ett.4460050407Elgamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4), 469-472. doi:10.1109/tit.1985.1057074Juang, W.-S. (2002). A Verifiable Multi-Authority Secret Election Allowing Abstention from Voting. The Computer Journal, 45(6), 672-682. doi:10.1093/comjnl/45.6.672Menezes A., van Oorschot P.C., Vanstone S.A.. 1996. Handbook of Applied Cryptography.Parhami, B. (1994). Voting algorithms. IEEE Transactions on Reliability, 43(4), 617-629. doi:10.1109/24.370218Rabin, M. O. (1980). Probabilistic Algorithms in Finite Fields. SIAM Journal on Computing, 9(2), 273-280. doi:10.1137/0209024Rabin, M. O. (1983). Transaction protection by beacons. Journal of Computer and System Sciences, 27(2), 256-267. doi:10.1016/0022-0000(83)90042-9Salazar, J. L., Piles, J. J., Ruiz-Mas, J., & Moreno-Jiménez, J. M. (2010). Security approaches in e-cognocracy. Computer Standards & Interfaces, 32(5-6), 256-265. doi:10.1016/j.csi.2010.01.004Nguyen, T. A. T., & Dang, T. K. (2013). Enhanced security in internet voting protocol using blind signature and dynamic ballots. Electronic Commerce Research, 13(3), 257-272. doi:10.1007/s10660-013-9120-5Wu, Z.-Y., Wu, J.-C., Lin, S.-C., & Wang, C. (2014). An electronic voting mechanism for fighting bribery and coercion. Journal of Network and Computer Applications, 40, 139-150. doi:10.1016/j.jnca.2013.09.011Yang, X., Yi, X., Nepal, S., Kelarev, A., & Han, F. (2018). A Secure Verifiable Ranked Choice Online Voting System Based on Homomorphic Encryption. IEEE Access, 6, 20506-20519. doi:10.1109/access.2018.2817518Yi, X., & Okamoto, E. (2013). Practical Internet voting system. Journal of Network and Computer Applications, 36(1), 378-387. doi:10.1016/j.jnca.2012.05.00
Legally Fair Contract Signing Without Keystones
International audienceIn two-party computation, achieving both fairness and guaranteed output delivery is well known to be impossible. Despite this limitation , many approaches provide solutions of practical interest by weakening somewhat the fairness requirement. Such approaches fall roughly in three categories: " gradual release " schemes assume that the aggrieved party can eventually reconstruct the missing information; " optimistic schemes " assume a trusted third party arbitrator that can restore fairness in case of litigation; and " concurrent " or " legally fair " schemes in which a breach of fairness is compensated by the aggrieved party having a digitally signed cheque from the other party (called the keystone). In this paper we describe and analyse a new contract signing paradigm that doesn't require keystones to achieve legal fairness, and give a concrete construction based on Schnorr signatures which is compatible with standard Schnorr signatures and provably secure
- …