314 research outputs found
Interest-Based Access Control for Content Centric Networks (extended version)
Content-Centric Networking (CCN) is an emerging network architecture designed
to overcome limitations of the current IP-based Internet. One of the
fundamental tenets of CCN is that data, or content, is a named and addressable
entity in the network. Consumers request content by issuing interest messages
with the desired content name. These interests are forwarded by routers to
producers, and the resulting content object is returned and optionally cached
at each router along the path. In-network caching makes it difficult to enforce
access control policies on sensitive content outside of the producer since
routers only use interest information for forwarding decisions. To that end, we
propose an Interest-Based Access Control (IBAC) scheme that enables access
control enforcement using only information contained in interest messages,
i.e., by making sensitive content names unpredictable to unauthorized parties.
Our IBAC scheme supports both hash- and encryption-based name obfuscation. We
address the problem of interest replay attacks by formulating a mutual trust
framework between producers and consumers that enables routers to perform
authorization checks when satisfying interests from their cache. We assess the
computational, storage, and bandwidth overhead of each IBAC variant. Our design
is flexible and allows producers to arbitrarily specify and enforce any type of
access control on content, without having to deal with the problems of content
encryption and key distribution. This is the first comprehensive design for CCN
access control using only information contained in interest messages.Comment: 11 pages, 2 figure
Numerical Problem Encryption for High-Performance Computing Applications
Recent years witnessed the diffusion of cloud-based services. Cloud services have the interesting advantage that they can provide resources (CPU, disk space, etc.) that would be too expensive to deploy and maintain in-house. A major drawback of cloud-based services is the problem of handling private data and—possibly—intellectual property to a third party. With some service (e.g., data storage), cryptography can provide a solution; however, there are some services that are more difficult to protect. An example of such services is the renting of CPU to carry out numerical computation such as differential equation solving. In this chapter, we discuss the problem of encrypting numerical problems so that their solution can be safely outsourced. The idea is to transform (encrypt) a given numerical problem into a different one whose solution can be mapped back to the solution of the original problem if the key used at the encryption stage is known
On Communication-Efficient Asynchronous MPC with Adaptive Security
Secure multi-party computation (MPC) allows a set of parties to jointly compute an arbitrary computation over their private inputs. Two main variants have been considered in the literature according to the underlying communication model. Synchronous MPC protocols proceed in rounds, and rely on the fact that the communication network provides strong delivery guarantees within each round. Asynchronous MPC protocols achieve security guarantees even when the network delay is arbitrary.
While the problem of MPC has largely been studied in both variants with respect to both feasibility and efficiency results, there is still a substantial gap when it comes to communication complexity of adaptively secure protocols. Concretely, while adaptively secure synchronous MPC protocols with linear communication are known for a long time, the best asynchronous protocol communicates bits per multiplication.
In this paper, we make progress towards closing this gap by providing two protocols. First, we present an adaptively secure asynchronous protocol with optimal resilience and bits of communication per multiplication, improving over the state of the art protocols in this setting by a quadratic factor in the number of parties. The protocol has cryptographic security and follows the CDN approach [Eurocrypt\u2701], based on additive threshold homomorphic encryption.
Second, we show an optimization of the above protocol that tolerates up to corruptions and communicates \mathcal{O}(n\cdot \poly(\kappa)) bits per multiplication under stronger assumptions
Reusable garbled gates for new fully homomorphic encryption service
In this paper, we propose a novel way to provide a fully homomorphic encryption service, namely by using garbled circuits. From a high level perspective, garbled circuits and fully homomorphic encryption, both aim at implementing complex computation on ciphertexts. We define a new cryptographic primitive named reusable garbled gate, which comes from the area of garbled circuits, then based on this new primitive we show that it is very easy to construct a fully homomorphic encryption. However, the instantiation of reusable garbled gates is rather difficult, in fact, we can only instantiate this new primitive based on indistinguishable obfuscation. Furthermore, reusable garbled gates can be a core component for constructing the reusable garbled circuits, which can reduce the communication complexity of them from O(n) to O(1). We believe that reusable garbled gates promise a new way to provide fully homomorphic encryption and reusable garbled circuits service fast.Peer ReviewedPostprint (author's final draft
A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols
AbstractWe prove properties of a process calculus that is designed for analysing security protocols. Our long-term goal is to develop a form of protocol analysis, consistent with standard cryptographic assumptions, that provides a language for expressing probabilistic polynomial-time protocol steps, a specification method based on a compositional form of equivalence, and a logical basis for reasoning about equivalence.The process calculus is a variant of CCS, with bounded replication and probabilistic polynomial-time expressions allowed in messages and boolean tests. To avoid inconsistency between security and nondeterminism, messages are scheduled probabilistically instead of nondeterministically. We prove that evaluation of any process expression halts in probabilistic polynomial time and define a form of asymptotic protocol equivalence that allows security properties to be expressed using observational equivalence, a standard relation from programming language theory that involves quantifying over all possible environments that might interact with the protocol.We develop a form of probabilistic bisimulation and use it to establish the soundness of an equational proof system based on observational equivalences. The proof system is illustrated by a formation derivation of the assertion, well-known in cryptography, that El Gamal encryption's semantic security is equivalent to the (computational) Decision Diffie–Hellman assumption. This example demonstrates the power of probabilistic bisimulation and equational reasoning for protocol security
Watermarking Cryptographic Capabilities
A watermarking scheme for programs embeds some information called a mark into a program while preserving its functionality. No adversary can remove the mark without damaging the functionality of the program. In this work, we study the problem of watermarking various cryptographic programs such as pseudorandom function (PRF) evaluation, decryption, and signing. For example, given a PRF F, we create a marked program C~ that evaluates F(). An adversary that gets C~ cannot come up with any program C* in which the mark is removed but which still evaluates the PRF correctly on even a small fraction of the inputs.
The work of Barak, Goldreich, Impagliazzo, Rudich, Sahai, Vadhan, and Yang (CRYPTO\u2701 and Journal of ACM 59(2)) shows that, assuming indistinguishability obfuscation (iO), such watermarking is impossible if the marked program C~ evaluates the original program with perfect correctness. In this work we show that, assuming iO, such watermarking is possible if the marked program C~ is allowed to err with even a negligible probability, which would be undetectable to the user.
Our watermarking schemes are public key, meaning that we use a secret marking key to embed marks in programs, and a public detection key that allows anyone to detect marks in programs. Our schemes are secure against chosen program attacks where the adversary is given oracle access to the marking functionality. We emphasize that our security notion of watermark non-removability considers arbitrary adversarial strategies to modify the marked program, in contrast to the prior works (Nishimaki, EUROCRYPT \u2713)
Decentralized Multi-Authority ABE for DNFs from LWE
We construct the first decentralized multi-authority attribute-based encryption
(MA-ABE) scheme for a non-trivial class of access policies whose security is
based (in the random oracle model) solely on the Learning With Errors (LWE)
assumption. The supported access policies are ones described by DNF
formulas. All previous constructions of MA-ABE schemes supporting any
non-trivial class of access policies were proven secure (in the random oracle
model) assuming various assumptions on bilinear maps.
In our system, any party can become an authority and there is no requirement for
any global coordination other than the creation of an initial set of common
reference parameters. A party can simply act as a standard ABE authority by
creating a public key and issuing private keys to different users that reflect
their attributes. A user can encrypt data in terms of any DNF formulas over
attributes issued from any chosen set of authorities. Finally, our system does
not require any central authority. In terms of efficiency, when instantiating
the scheme with a global bound on the size of access policies, the sizes of
public keys, secret keys, and ciphertexts, all grow with .
Technically, we develop new tools for building ciphertext-policy ABE (CP-ABE)
schemes using LWE. Along the way, we construct the first provably secure CP-ABE
scheme supporting access policies in that avoids the generic
universal-circuit-based key-policy to ciphertext-policy transformation. In
particular, our construction relies on linear secret sharing schemes with new
properties and in some sense is more similar to CP-ABE schemes that rely on
bilinear maps. While our CP-ABE construction is not more efficient than
existing ones, it is conceptually intriguing and further we show how to extend
it to get the MA-ABE scheme described above
- …