Cryptography with anonymity in mind

Advances in information technologies gave a rise to powerful ubiquitous com- puting devices, and digital networks have enabled new ways of fast communication, which immediately found tons of applications and resulted in large amounts of data being transmitted. For decades, cryptographic schemes and privacy-preserving protocols have been studied and researched in order to offer end users privacy of their data and implement useful functionalities at the same time, often trading security properties for cryptographic assumptions and efficiency. In this plethora of cryptographic constructions, anonymity properties play a special role, as they are important in many real-life scenarios. However, many useful cryptographic primitives lack anonymity properties or imply prohibitive costs to achieve them. In this thesis, we expand the territory of cryptographic primitives with anonymity in mind. First, we define Anonymous RAM, a generalization of a single- user Oblivious RAM to multiple mistrusted users, and present two constructions thereof with different trade-offs between assumptions and efficiency. Second, we define an encryption scheme that allows to establish chains of ciphertexts anony- mously and verify their integrity. Furthermore, the aggregatable version of the scheme allows to build a Parallel Anonymous RAM, which enhances Anonymous RAM by supporting concurrent users. Third, we show our technique for construct- ing efficient non-interactive zero-knowledge proofs for statements that consist of both algebraic and arithmetic statements. Finally, we show our framework for constructing efficient single secret leader election protocols, which have been recently identified as an important component in proof-of-stake cryptocurrencies.Fortschritte in der Informationstechnik haben leistungsstarke allgegenwärtige Rechner hervorgerufen, während uns digitale Netzwerke neue Wege für die schnelle Kommunikation ermöglicht haben. Durch die Vielzahl von Anwendungen führte dies zur Übertragung von riesigen Datenvolumen. Seit Jahrzehnten wurden bereits verschiedene kryptographische Verfahren und Technologien zum Datenschutz erforscht und analysiert. Das Ziel ist die Privatsphäre der Benutzer zu schützen und gleichzeitig nützliche Funktionalität anzubieten, was oft mit einem Kompromiss zwischen Sicherheitseigenschaften, kryptographischen Annahmen und Effizienz verbunden ist. In einer Fülle von kryptographischen Konstruktionen spielen Anonymitätseigenschaften eine besondere Rolle, da sie in vielen realistischen Szenarien sehr wichtig sind. Allerdings fehlen vielen kryptographischen Primitive Anonymitätseigenschaften oder sie stehen im Zusammenhang mit erheblichen Kosten. In dieser Dissertation erweitern wir den Bereich von kryptographischen Prim- itiven mit einem Fokus auf Anonymität. Erstens definieren wir Anonymous RAM, eine Verallgemeinerung von Einzelbenutzer-Oblivious RAM für mehrere misstraute Benutzer, und stellen dazu zwei Konstruktionen mit verschiedenen Kompromissen zwischen Annahmen und Effizienz vor. Zweitens definieren wir ein Verschlüsselungsverfahren, das es erlaubt anonym eine Verbindung zwischen Geheimtexten herzustellen und deren Integrität zu überprüfen. Darüber hinaus bietet die aggregierbare Variante von diesem Verfahren an, Parallel Anonymous RAM zu bauen. Dieses verbessert Anonymous RAM, indem es mehrere Benutzer in einer parallelen Ausführung unterstützen kann. Drittens zeigen wir eine Meth- ode für das Konstruieren effizienter Zero-Knowledge-Protokolle, die gleichzeitig aus algebraischen und arithmetischen Teilen bestehen. Zuletzt zeigen wir ein Framework für das Konstruieren effizienter Single-Leader-Election-Protokolle, was kürzlich als ein wichtiger Bestandteil in den Proof-of-Stake Kryptowährungen erkannt worden ist

Collaborating across Organizations for a Remote Area Medical Event: Providing Consumer Health Information and Assessing Health Literacy

Objective: The University of Tennessee’s Preston Medical Library’s (PML) consumer health information service partnered with local librarians and Remote Area Medical (RAM) to increase consumer health information access as well as assess health literacy levels of RAM attendees. Methods: Librarians contacted RAM and obtained permission to both participate in the Knoxville, TN event and conduct anonymous health literacy assessments using the Newest Vital Sign (NVS) tool. Approval was obtained from PML’s institutional IRB. An email gauging participation interest was sent to local librarians at various institutions. A Zoom meeting was then set up to discuss RAM and participant expectations. A librarian with previous experience of partnering with RAM spoke at the meeting about his experiences and answered questions. Librarians volunteered for specific times so that two people were always at the library’s information table. Results: Ten librarians from across four different academic institutions attended the February RAM event and staffed a table with consumer health information handouts, health information request forms, and other informational materials. 137 people visited the table and 13 filled out health information request forms. Mental health was the subject area most frequently requested. Sixteen participants completed the NVS health literacy assessment tool. Results indicate that the majority of participants likely had adequate health literacy. Conclusions: Participating in the RAM event allowed for collaboration with multiple institutions in the local area, further building relationships for future collaborative efforts. Through participating in the Knoxville RAM event and analyzing collected data, researchers sampled health literacy of RAM attendees and planned more focused consumer health information outreach. Two other RAM events in east Tennessee were cancelled due to the COVID-19 pandemic; the library will participate in the annual Knoxville RAM event on a continual basis

The Onion Routing Performance using Shadow-plugin-TOR

Anonymous network provides user privacy to protect identity. The onion routing (TOR) project is one kind of Internet anonymous networks which attracts many researchers and clients nowadays, because of its simplicity and scalability. However, there are some difficulties to analyze TOR performance within live TOR networks since it is distributed and its security nature. This paper presents a TOR network simulation using shadow-plugin-TOR to configure a small scale virtual computer network within a host, running TOR, and then to analyze TOR performance in several measurements. One main advantage is that the shadow-plugin-TOR application can be implemented within a host in which used to build a client-server architecture of TOR network. Various number of relays and clients have been set to examine TOR network performance. The small scale simulations conducted using maximal CPU capacity between 60%–75% and memory (RAM) usage between 320 MiB– 1.5 GiB for each configuration. The simulation results show that average transmission time is shortened and bandwidth is faster along with increasing number of relay rather than adding more client

Dark clouds on the horizon:the challenge of cloud forensics

We introduce the challenges to digital forensics introduced by the advent and adoption of technologies, such as encryption, secure networking, secure processors and anonymous routing. All potentially render current approaches to digital forensic investigation unusable. We explain how the Cloud, due to its global distribution and multi-jurisdictional nature, exacerbates these challenges. The latest developments in the computing milieu threaten a complete “evidence blackout” with severe implications for the detection, investigation and prosecution of cybercrime. In this paper, we review the current landscape of cloud-based forensics investigations. We posit a number of potential solutions. Cloud forensic difficulties can only be addressed if we acknowledge its socio-technological nature, and design solutions that address both human and technological dimensions. No firm conclusion is drawn; rather the objective is to present a position paper, which will stimulate debate in the area and move the discipline of digital cloud forensics forward. Thus, the paper concludes with an invitation to further informed debate on this issue

A Generic Checkpoint-Restart Mechanism for Virtual Machines

It is common today to deploy complex software inside a virtual machine (VM). Snapshots provide rapid deployment, migration between hosts, dependability (fault tolerance), and security (insulating a guest VM from the host). Yet, for each virtual machine, the code for snapshots is laboriously developed on a per-VM basis. This work demonstrates a generic checkpoint-restart mechanism for virtual machines. The mechanism is based on a plugin on top of an unmodified user-space checkpoint-restart package, DMTCP. Checkpoint-restart is demonstrated for three virtual machines: Lguest, user-space QEMU, and KVM/QEMU. The plugins for Lguest and KVM/QEMU require just 200 lines of code. The Lguest kernel driver API is augmented by 40 lines of code. DMTCP checkpoints user-space QEMU without any new code. KVM/QEMU, user-space QEMU, and DMTCP need no modification. The design benefits from other DMTCP features and plugins. Experiments demonstrate checkpoint and restart in 0.2 seconds using forked checkpointing, mmap-based fast-restart, and incremental Btrfs-based snapshots