60 research outputs found
Cast-as-Intended Mechanism with Return Codes Based on PETs
We propose a method providing cast-as-intended verifiability for remote
electronic voting. The method is based on plaintext equivalence tests (PETs),
used to match the cast ballots against the pre-generated encrypted code tables.
Our solution provides an attractive balance of security and functional
properties. It is based on well-known cryptographic building blocks and relies
on standard cryptographic assumptions, which allows for relatively simple
security analysis. Our scheme is designed with a built-in fine-grained
distributed trust mechanism based on threshold decryption. It, finally, imposes
only very little additional computational burden on the voting platform, which
is especially important when voters use devices of restricted computational
power such as mobile phones. At the same time, the computational cost on the
server side is very reasonable and scales well with the increasing ballot size.
Risks and opportunities in arbitrage and market-making in blockchain-based currency markets. Part 1 : Risks
This study provides a practical introduction to high-frequency trading in
blockchain-based currency markets. These types of markets have some specific
characteristics that differentiate them from the stock markets, such as a large
number of trading exchanges (centralized and decentralized), relative
simplicity in moving funds from one exchange to another, and the large number
of new currencies that have very little liquidity. This study analyzes the
possible risks that specifically characterize this type of trading operation,
the potential opportunities, and the algorithms that are mostly used, providing
information that can be useful for practitioners who intend to operate in these
markets by providing (and risking) liquidity.
Nonce-based Kerberos is a Secure Delegated AKE Protocol
Kerberos is one of the most important cryptographic protocols, first because it is the basic authentication protocol in Microsoft's Active Directory and is shipped with every major operating system, and second because it served as a model for all Single-Sign-On protocols (e.g. SAML, OpenID, MS Cardspace, OpenID Connect). Its security has been confirmed with several Dolev-Yao style proofs, and attacks on certain versions of the protocol have been described.
However, despite its importance, despite its longevity, and despite the wealth of Dolev-Yao-style security proofs, no reduction-based security proof has been published until now. There are two reasons for this: (1) All widely accepted formal models deal either with two-party protocols or with group key agreement protocols (where all entities have the same role), but not with 3-party protocols where each party has a different role. (2) Kerberos uses timestamps and nonces, and formal security models for timestamps are not well understood up to now.
As a step towards a full security proof of Kerberos, we target problem (1) here: We propose a variant of the Kerberos protocol, where nonces are used instead of timestamps. This requires one additional protocol message, but enables a proof in the standard Bellare-Rogaway (BR) model. The key setup and the roles of the different parties are identical to the original Kerberos protocol.
For our proof, we only require that the authenticated encryption and the message authentication code (MAC) schemes are secure. Under these assumptions we show that the probability that a client or server process oracle accepts maliciously, and the advantage of an adversary trying to distinguish a real Kerberos session key from a random value, are both negligible.
One main idea in the proof is to model the Kerberos server as a public oracle, so that we do not have to consider the security of the client--Kerberos connection. This idea is only applicable to the communication pattern adopted by Kerberos, and not to other 3-party patterns (e.g. EAP protocols).
How to Construct Rational Protocols with Nash Equilibrium Consistency in the UC framework
The inconsistency of the Nash equilibrium of rational delegated computation schemes in the UC framework fundamentally leads to the lack of a strict security proof for such protocols. Proving the consistency of the Nash equilibrium between the ideal world and the real world has long been a challenge in this research field. In this paper, we analyze the Nash equilibrium according to the game model of rational delegated computation, propose an ideal functionality for rational delegation of computation based on an incentive-driven adversary, and then construct a rational delegated computation protocol that UC-realizes this ideal functionality. In short, the proposed rational delegated computation protocol based on an incentive-driven adversary is proven secure in the universally composable framework, and it resolves the inconsistency problem of the Nash equilibrium between the real world and the ideal world.
A Petri Nets Model for Blockchain Analysis
A Blockchain is a global shared infrastructure where cryptocurrency
transactions among addresses are recorded, validated and made publicly
available in a peer-to-peer network. To date the best known and most important
cryptocurrency is Bitcoin. In this paper we focus on this cryptocurrency
and in particular on modeling the Bitcoin Blockchain using the Petri
Nets formalism. The proposed model allows us to quickly collect information
about identities owning Bitcoin addresses and to recover measures and
statistics on the Bitcoin network. By exploiting the algebraic formalism, we
reconstructed an Entities network associated with Blockchain transactions,
gathering Bitcoin addresses into the single entity holding the permissions to
manage the Bitcoins held by those addresses. The model also allows us to identify a
set of behaviours typical of Bitcoin owners, such as using an address only
once, and to reconstruct chains for this behaviour together with the rate of
firing. Our model is highly flexible and can easily be adapted to include
different features of the Bitcoin crypto-currency system.
Private votes on untrusted platforms: models, attacks and provable scheme
Modern e-voting systems deploy cryptographic protocols on a complex infrastructure involving different computing platforms and agents. It is crucial to have appropriate specification and evaluation methods to perform rigorous analysis of such systems, taking into account the corruption and computational capabilities of a potential attacker. In particular, the platform used for voting may be corrupted, e.g. infected by malware, and we need to ensure privacy and integrity of votes even in that case. We propose a new definition of vote privacy, formalized as a computational indistinguishability game, that takes such refined attacker models into account; we show that the definition captures both known and novel attacks against several voting schemes; and we propose a scheme that is provably secure in this setting. We moreover formalize and machine-check the proof in the EasyCrypt theorem prover.
- …