39 research outputs found

    Efficient Threshold Secret Sharing Schemes Secure against Rushing Cheaters

    In this paper, we consider three very important issues namely detection, identification and robustness of $k$-out-of-$n$ secret sharing schemes against rushing cheaters who are allowed to submit (possibly forged) shares after observing shares of the honest users in the reconstruction phase. Towards this we present five different schemes. Among these, first we present two $k$-out-of-$n$ secret sharing schemes, the first one being capable of detecting $(k-1)/3$ cheaters such that $|V_i|=|S|/\epsilon^3$ and the second one being capable of detecting $n-1$ cheaters such that $|V_i|=|S|/\epsilon^{k+1}$, where $S$ denotes the set of all possible secrets, $\epsilon$ denotes the successful cheating probability of cheaters and $V_i$ denotes the set of all possible shares. Next we present two $k$-out-of-$n$ secret sharing schemes, the first one being capable of identifying $(k-1)/3$ rushing cheaters with share size $|V_i|$ that satisfies $|V_i|=|S|/\epsilon^k$. This is the first scheme whose size of shares does not grow linearly with $n$ but only with $k$, where $n$ is the number of participants. For the second one, in the setting of public cheater identification, we present an efficient optimal cheater resilient $k$-out-of-$n$ secret sharing scheme against rushing cheaters having the share size $|V_i|=(n-t)^{n+2t}|S|/\epsilon^{n+2t}$. The proposed scheme achieves flexibility in the sense that the security level (i.e. the cheater(s) success probability) is independent of the secret size. Finally, we design an efficient $(k, \delta)$ robust secret sharing secure against rushing adversary with optimal cheater resiliency. Each of the five proposed schemes has the smallest share size having the mentioned properties among the existing schemes in the respective fields.

    Information-Theoretic Secure Outsourced Computation in Distributed Systems

    Secure multi-party computation (secure MPC) has been established as the de facto paradigm for protecting privacy in distributed computation. One of the earliest secure MPC primitives is the Shamir's secret sharing (SSS) scheme. SSS has many advantages over other popular secure MPC primitives like garbled circuits (GC) -- it provides information-theoretic security guarantee, requires no complex long-integer operations, and often leads to more efficient protocols. Nonetheless, SSS receives less attention in the signal processing community because SSS requires a larger number of honest participants, making it prone to collusion attacks. In this dissertation, I propose an agent-based computing framework using SSS to protect privacy in distributed signal processing. There are three main contributions to this dissertation. First, the proposed computing framework is shown to be significantly more efficient than GC. Second, a novel game-theoretical framework is proposed to analyze different types of collusion attacks. Third, using the proposed game-theoretical framework, specific mechanism designs are developed to deter collusion attacks in a fully distributed manner. Specifically, for a collusion attack with known detectors, I analyze it as games between secret owners and show that the attack can be effectively deterred by an explicit retaliation mechanism. For a general attack without detectors, I expand the scope of the game to include the computing agents and provide deterrence through deceptive collusion requests. The correctness and privacy of the protocols are proved under a covert adversarial model. Our experimental results demonstrate the efficiency of SSS-based protocols and the validity of our mechanism design.

    Addressing the Issues of Coalitions and Collusion in Multiagent Systems

    In the field of multiagent systems, trust and reputation systems are intended to assist agents in finding trustworthy partners with whom to interact. Earlier work of ours identified in theory a number of security vulnerabilities in trust and reputation systems, weaknesses that might be exploited by malicious agents to bypass the protections offered by such systems. In this work, we begin by developing the TREET testbed, a simulation platform that allows for extensive evaluation and flexible experimentation with trust and reputation technologies. We use this testbed to experimentally validate the practicality and gravity of attacks against vulnerabilities. Of particular interest are attacks that are collusive in nature: groups of agents (coalitions) working together to improve their expected rewards. But the issue of coalitions is not unique to trust and reputation; rather, it cuts across a range of fields in multiagent systems and beyond. In some scenarios, coalitions may be unwanted or forbidden; in others they may be benign or even desirable. In this document, we propose a method for detecting coalitions and identifying coalition members, a capability that is likely to be valuable in many of the diverse fields where coalitions may be of interest. Our method makes use of clustering in benefit space (a high-dimensional space reflecting how agents benefit others in the system) in order to identify groups of agents who benefit similar sets of agents. A statistical technique is then used to identify which clusters contain coalitions. Experimentation using the TREET platform verifies the effectiveness of this approach. A series of enhancements to our method are also introduced, which improve the accuracy and robustness of the algorithm. To demonstrate how this broadly-applicable tool can be used to address domain-specific problems, we focus again on trust and reputation systems. 
We show how, by incorporating our work into one such system (the existing Beta Reputation System), we can provide resistance to collusion. We conclude with a detailed discussion of the value of our work for a wide range of environments, including a variety of multiagent systems and real-world settings.

    Pyoverdine production in the pathogen Pseudomonas aeruginosa

    Opportunistic pathogens like Pseudomonas aeruginosa become increasingly resistant to antibiotics, and therefore represent a major threat to patients. Thus, we urgently need new approaches to fight multi-resistant pathogens. It has been suggested that, instead of targeting vital cell mechanisms, virulence factors could be inhibited with so-called anti-virulence treatments. These treatments are believed to impose lower selection pressure on the pathogen and would thereby reduce the risk of resistance development. In this thesis, we aim to extend the anti-virulence approach by targeting a secreted virulence factor that is cooperatively shared between bacteria. For many pathogens, cooperation is essential to infect hosts, and is often mediated by secreted, publically shared virulence factors. Cooperating individuals can be exploited by individuals, which do not contribute to cooperation, but reap the benefits from it, so-called cheaters. By targeting a cooperatively shared virulence factor, the cooperating community becomes phenotypic cheaters and every individual, that resumes cooperation (e.g. by developing resistance), will be exploited immediately and thus resistance is not favoured by natural selection. Such a treatment can become evolution proof. We tested this idea by inhibiting the cooperatively shared virulence factor pyoverdine. Pyoverdine is the main siderophore of P. aeruginosa, which is deployed in severely iron-limited environments to assure sufficient supply of this essential nutrient. Pyoverdine facilitates pathogenic growth at the infection site. In chapter (3) we experimentally tested a promising candidate, the transition metal gallium, as an evolution proof anti-virulence treatment, that targets pyoverdine. Gallium effectively curbed the virulence of P. aeruginosa in an insect model. Moreover, while antibiotics lost their efficacy rapidly in an evolution experiment, P. aeruginosa did not show signs of resistance to gallium. 
Next, we tested if and how such interference with virulence factor availability (pyoverdine) feeds back on the pathogen, its regulatory network and the host (chapter 4). We found complex relationships between these variables. While the link between virulence factor availability and virulence was positive, pyoverdine availability did not correlate monotonously with pathogen growth within the host. The amount of available virulence factor influenced the expression of virulence factors, that are regulatorily linked. Additionally, it triggered differential host immune responses. These findings highlight the necessity to closely evaluate the effects of any anti-virulence drug on the pathogen and the host, in order to design effective drugs with a predictive treatment outcome. The concept of evolution proof anti-virulence treatments builds (among others) on the assumption that the targeted virulence factor is collectively shared between individuals. Although pyoverdine cooperation has been extensively studied in the last decade, almost all studies feature experiments in batch cultures. However, little is known about whether the insights from batch culture experiments can be transferred to infections. In the host, cell numbers might be lower and bacteria might interact on the micrometre-scale in a spatially structured environment where diffusion of a shared virulence factor, and thus shareability, could be limited. Therefore, we investigated pyoverdine sharing between individuals, attached to a surface, at the level of single cells by using fluorescent microscopy, and experimentally tested the physical boundaries of pyoverdine sharing (chapter 5). We found that even in highly viscous environments, pyoverdine is publically shared over a considerable distance. 
These findings validate the assumption that pyoverdine is cooperatively shared, even in viscous environments, such as experienced in infections, and therefore indicate that anti-virulence treatments targeting pyoverdine (e.g. via gallium) could indeed be evolution proof.

    Selected Computing Research Papers Volume 1 June 2012

    An Evaluation of Anti-phishing Solutions (Arinze Bona Umeaku)
    A Detailed Analysis of Current Biometric Research Aimed at Improving Online Authentication Systems (Daniel Brown)
    An Evaluation of Current Intrusion Detection Systems Research (Gavin Alexander Burns)
    An Analysis of Current Research on Quantum Key Distribution (Mark Lorraine)
    A Critical Review of Current Distributed Denial of Service Prevention Methodologies (Paul Mains)
    An Evaluation of Current Computing Methodologies Aimed at Improving the Prevention of SQL Injection Attacks in Web Based Applications (Niall Marsh)
    An Evaluation of Proposals to Detect Cheating in Multiplayer Online Games (Bradley Peacock)
    An Empirical Study of Security Techniques Used In Online Banking (Rajinder D G Singh)
    A Critical Study on Proposed Firewall Implementation Methods in Modern Networks (Loghin Tivig)

    Efficient Secure Multiparty Computation Protected against Covert and Active Adversaries

    Secure multiparty computation is one of the most important employments of modern cryptography, bringing together elegant mathematical solutions to build up useful practical applications. It allows several distinct data owners to perform arbitrary collaborative computation on their private data without leaking any information to each other. Passively secure protocols assume that all parties follow the protocol rules. Actively secure protocols do not leak private data regardless of the attacker’s behaviour. This thesis presents a generic method for turning passively secure multiparty protocols to actively secure ones. The method is optimized for three party computation over algebraic rings, which has proven to be quite an efficient model, making large real-world applications feasible. Our method adds to the protocol a post-execution verification phase that allows a misbehaving party to escape detection only with negligible probability. It preserves the privacy guarantees of the original protocol. In this thesis, we also study a new adversarial goal in multiparty protocols. The goal is to manipulate the view of some honest party in such a way, that this honest party learns the private data of some other honest party. The adversary itself might not learn this data at all. Such attacks are significant because they create a liability to the first honest party to clean its systems from the second honest party’s data, which may be a highly non-trivial task in practice. We check the security of our verification mechanism in this new model, and we propose some minor modifications that ensure data protection also from the honest parties. 
Many secure multiparty computation platforms come with a programming language that allows the developer to write privacy-preserving applications without thinking of the underlying cryptography. If a program contains conditional statements where the choice of the computational branch depends on private data, then no party should know which branch has been executed, so in general the parties need to execute all of them. If the number of branches is large, the computational overhead may be enormous, as most of the intermediate results are just discarded. In this thesis, we propose an automatic optimization that reduces this overhead.