5,191 research outputs found
An Efficient Code-Based Threshold Ring Signature Scheme with a Leader-Participant Model
Digital signature schemes with additional properties have broad applications, such as protecting the identity of signers by allowing a signer to anonymously sign a message in a group of signers (also known as a ring). While these number-theoretic problems are still secure at the time of this research, the situation could change with advances in quantum computing. There is a pressing need to design PKC schemes that are secure against quantum attacks. In this paper, we propose a novel code-based threshold ring signature scheme with a leader-participant model. A leader is appointed, who chooses some shared parameters for other signers to participate in the signing process. This leader-participant model enhances the performance because every participant, including the leader, could execute the decoding algorithm (as a part of the signing process) upon receiving the shared parameters from the leader. The time complexity of our scheme is close to Courtois et al.’s (2001) scheme. The latter is often used as a basis to construct other types of code-based signature schemes. Moreover, as a threshold ring signature scheme, our scheme is as efficient as the normal code-based ring signature
Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks
This chapter discusses the need of security and privacy protection mechanisms
in aggregation protocols used in wireless sensor networks (WSN). It presents a
comprehensive state of the art discussion on the various privacy protection
mechanisms used in WSNs and particularly focuses on the CPDA protocols proposed
by He et al. (INFOCOM 2007). It identifies a security vulnerability in the CPDA
protocol and proposes a mechanism to plug that vulnerability. To demonstrate
the need of security in aggregation process, the chapter further presents
various threats in WSN aggregation mechanisms. A large number of existing
protocols for secure aggregation in WSN are discussed briefly and a protocol is
proposed for secure aggregation which can detect false data injected by
malicious nodes in a WSN. The performance of the protocol is also presented.
The chapter concludes while highlighting some future directions of research in
secure data aggregation in WSNs.
Comment: 32 pages, 7 figures, 3 tables
Decentralizing Trust with Resilient Group Signatures in Blockchains
Blockchains have the goal of promoting the decentralization of transactions in a P2P-based
internetworking model that does not depend on centralized trust parties. Along
with research on better scalability, performance, consistency control, and security guarantees
in their service planes, other challenges aimed at better trust decentralization and
fairness models are on the research community’s agenda today.
Asymmetric cryptography and digital signatures are key components of blockchain
systems. As a common flaw in different blockchains, public keys and verification of
single-signed transactions are handled under the principle of trust centralization. In this
dissertation, we propose a better fairness and trust decentralization model by proposing
a service plane for blockchains that provides support for collective digital signatures
and allowing transactions to be collaboratively authenticated and verified with group-based
witnessed guarantees. The proposed solution is achieved by using resilient group
signatures from randomly and dynamically assigned groups. In our approach we use
Threshold-Byzantine Fault Tolerant Digital Signatures to improve the resilience and robustness
of blockchain systems while preserving their decentralization nature.
We have designed and implemented a modular and portable cryptographic provider
that supports operations expressed by smart contracts. Our system is designed to be a
service plane agnostic and adaptable to the base service planes of different blockchains.
Therefore, we envision our solution as a portable, adaptable and reusable plugin service
plane for blockchains, as a way to provide authenticated group-signed transactions with
decentralized auditing, fairness, and long-term security guarantees and to leverage a
better decentralized trust model. We conducted our experimental evaluations in a cloud-based
testbench with at least sixteen blockchain nodes distributed across four different
data centers, using two different blockchains and observing the proposed benefits.
Blockchains have the main goal of promoting the decentralization of transactions
in a P2P network, based on a model that does not depend on a centralized authority.
Along with greater scalability, performance, consistency controls, and security
guarantees in the service planes, other challenges such as improving the
decentralization model and fairness are on the scientific community's agenda.
Asymmetric cryptography and digital signatures are the key component of blockchain
systems. However, blockchains, public keys, and verifications of signed transactions
operate under the principle of centralized trust. In this dissertation, we will
propose a solution that includes better conditions of fairness and trust
decentralization, modeled by a service plane for the blockchain that provides support for
collective signatures and allows transactions to be collaboratively authenticated
and verified with witnessed guarantees. This will be achieved by using resilient
signatures for groups formed randomly and dynamically. Our solution
for improving the resilience of blockchains and preserving their decentralized nature
will be based on Byzantine fault-tolerant threshold signatures.
To this end, we will design and implement a modular and portable cryptographic
provider to support cryptographic operations that can be expressed by
smart contracts. Our system will be designed in a way that is agnostic and adaptable
to different service planes. Thus, we envision our solution as a portable and
adaptable plugin for blockchains that offers support for decentralized auditing,
fairness, and long-term guarantees, in order to create a better model of decentralization
of the trust base. We will carry out the experimental evaluations in the cloud, running
our service plane with two blockchain implementations and at least sixteen
nodes distributed across four data centres, observing the benefits of the proposed solution
Communication-Efficient Cluster Federated Learning in Large-scale Peer-to-Peer Networks
A traditional federated learning (FL) allows clients to collaboratively train
a global model under the coordination of a central server, which sparks great
interests in exploiting the private data distributed on clients. However, once
the central server suffers from a single point of failure, it will lead to
system crash. In addition, FL usually involves a large number of clients, which
requires expensive communication costs. These challenges inspire a
communication-efficient design of decentralized FL. In this paper, we propose
an efficient and privacy-preserving global model training protocol in the
context of FL in large-scale peer-to-peer networks, CFL. The proposed CFL
protocol aggregates local contributions hierarchically by a cluster-based
aggregation mode, as well as a leveraged authenticated encryption scheme to
ensure the security communication, whose key is distributed by a modified
secure communication key establishment protocol. Theoretical analyses show that
CFL guarantees the privacy of local model update parameters, as well as
integrity and authenticity under the widespread internal semi-honest and
external malicious threat models. In particular, the proposed key revocation
based on public voting can effectively defend against external adversaries
hijacking honest participants to ensure the confidentiality of the
communication keys. Moreover, the modified secure communication key
establishment protocol indeed achieves high network connectivity probability to
ensure transmission security of the system
A patient agent controlled customized blockchain based framework for internet of things
Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensor-generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services (DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. Simulations confirm protection of the architecture against DoS attacks.
Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance a third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustic signals are the communication media, leading to high propagation delays and high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the Smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning each contribution have been implemented and analysed using simulators.
Doctor of Philosophy
Extending the Exposure Score of Web Browsers by Incorporating CVSS
When browsing the Internet, HTTP headers enable both clients and servers to send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Yet its content differs from one browser to another. Despite the privacy and security risks of User-Agent strings, very few works have tackled this problem. Our previous work proposed giving Internet browsers relative exposure scores to aid users in choosing less intrusive ones. Thus, the objective of this work is to extend our previous work through: first, conducting a user study to identify its limitations. Second, extending the exposure score via incorporating data from the NVD. Third, providing a full implementation, instead of a limited prototype. The proposed system assigns scores to users’ browsers upon visiting our website. It also suggests alternative safe browsers, and finally it allows updating the back-end database with a click of a button. We applied our method to a data set of more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available here [4].