228 research outputs found

    Post-Quantum Era Privacy Protection for Intelligent Infrastructures

    As we move into a new decade, the global world of Intelligent Infrastructure (II) services integrated into the Internet of Things (IoT) is at the forefront of technological advancements. With billions of connected devices spanning continents through interconnected networks, security and privacy protection techniques for the emerging II services become a paramount concern. In this paper, an up-to-date privacy method mapping and relevant use cases are surveyed for II services. Particularly, we emphasize post-quantum cryptography techniques that may (or must when quantum computers become a reality) be used in the future through concrete products, pilots, and projects. The topics presented in this paper are of utmost importance as (1) several recent regulations such as Europe's General Data Protection Regulation (GDPR) have given privacy a significant place in digital society, and (2) the increase of IoT/II applications and digital services with growing data collection capabilities are introducing new threats and risks on citizens' privacy. This in-depth survey begins with an overview of security and privacy threats in IoT/IIs. Next, we summarize some selected Privacy-Enhancing Technologies (PETs) suitable for privacy-concerned II services, and then map recent PET schemes based on post-quantum cryptographic primitives which are capable of withstanding quantum computing attacks. This paper also overviews how PETs can be deployed in practical use cases in the scope of IoT/IIs, and maps some current projects, pilots, and products that deal with PETs. A practical case study on the Internet of Vehicles (IoV) is presented to demonstrate how PETs can be applied in reality. Finally, we discuss the main challenges with respect to current PETs and highlight some future directions for developing their post-quantum counterparts.

    Hierarchical network topographical routing

    Within the last 10 years the content consumption model that underlies many of the assumptions about traffic aggregation within the Internet has changed; the previous short burst transfer followed by longer periods of inactivity that allowed for statistical aggregation of traffic has been increasingly replaced by continuous data transfer models. Approaching this issue from a clean slate perspective, this work looks at the design of a network routing structure and supporting protocols for assisting in the delivery of large scale content services. Rather than approaching a content support model through existing IP models, the work takes a fresh look at Internet routing through a hierarchical model in order to highlight the benefits that can be gained with a new structural Internet or through similar modifications to the existing IP model. The work is divided into three major sections: investigating the existing UK based Internet structure as compared to the traditional Autonomous System (AS) Internet structural model; a localised hierarchical network topographical routing model; and intelligent distributed localised service models. The work begins by looking at the United Kingdom (UK) Internet structure as an example of a current generation technical and economic model with shared access to the last mile connectivity and a large scale wholesale network between Internet Service Providers (ISPs) and the end user. This model combined with the Internet Protocol (IP) address allocation and transparency of the wholesale network results in an enforced inefficiency within the overall network restricting the ability of ISPs to collaborate. From this model a core / edge separation hierarchical virtual tree based routing protocol based on the physical network topography (layers 2 and 3) is developed to remove this enforced inefficiency by allowing direct management and control at the lowest levels of the network.
This model acts as the base layer for further distributed intelligent services such as management and content delivery to enable both ISPs and third parties to actively collaborate and provide content from the most efficient source.

    Security plane for data authentication in information-centric networks

    Advisors: Maurício Ferreira Magalhães, Jussi Kangasharju. Thesis (doctorate) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação. Summary: Information security is responsible for protecting information against unauthorized access, use, modification, or destruction. To protect data against these security attacks, several protocols have been developed, such as Internet Protocol Security (IPSEC) and Transport Layer Security (TLS), providing users with mechanisms for data authentication, integrity, and confidentiality. These protocols use the IP address as the identifier of hosts on the Internet, making it the reference and identifier when establishing secure connections for data exchange between applications on the network. With the advent of the Web and the exponential growth in the consumption of content such as video and audio, there are signs of a gradual migration in the predominant use of the Internet, from an emphasis on connections between hosts to an emphasis on retrieving content from the network, a paradigm known as information-centric networking. In this paradigm, users search for documents and resources on the Internet without concern for explicit knowledge of where the content is located. As a consequence, the IP address that previously served as the reference point for the data provider becomes merely an ephemeral identifier of the place where the content is stored, with implications for the correct authentication of data. In this context, simply authenticating an IP address does not guarantee the authenticity of the data, since the server identified by a given IP address is not necessarily the address of the content producer.
In the context of information-oriented networks, there are proposals in the literature that enable data authentication using only the content itself, such as digital signatures per data block and hash trees built over the data blocks. The main idea of these approaches is to bind information from the original content provider to the transported data blocks, for example a digital signature, enabling the data to be authenticated directly with the provider, regardless of the host from which the data was obtained. Although the mechanism mentioned above makes such verification possible, the procedure is very costly in terms of processing, especially when the number of blocks is large, making it impractical to use. This work proposes a new authentication mechanism using hash trees with the goal of providing data authentication efficiently and explicitly with the original provider and, also, independently of the host from which the data were obtained. In this thesis, we propose two data authentication techniques based on hash trees, called skewed hash tree (SHT) and composite hash tree (CHT), for data authentication in information-oriented networks. Once created, part of the authentication data is stored in a security plane and another part remains coupled to the data itself, enabling verification based on the content and not on the source host. In addition, this thesis presents the formal model, the specification, and the implementation of the two hash tree techniques for data authentication in content networks through a security plane.
Finally, this thesis details the instantiation of the proposed security plane model in two data authentication scenarios: 1) Peer-to-Peer networks and 2) parallel data authentication over HTTP. Abstract: Information security is responsible for protecting information against unauthorized access, use, modification or destruction. In order to protect such data against security attacks, many security protocols have been developed, for example, Internet Protocol Security (IPSec) and Transport Layer Security (TLS), providing mechanisms for data authentication, integrity and confidentiality for users. These protocols use the IP address as host identifier on the Internet, making it a reference and identifier during the establishment of secure connections for data exchange between applications on the network. With the advent of the Web and the exponential increase in content consumption (e.g., video and audio), there is evidence of a gradual migration of the predominant usage of the Internet, moving the emphasis on the connection between hosts to the content retrieval from the network, which paradigm is known as information-centric networking. In this paradigm, users look for documents and resources on the Internet without caring about the explicit knowledge of the location of the content. As a result, the IP address that was used previously as a reference point of a data provider becomes merely an ephemeral identifier of where the content is stored, resulting in implications for the correct authentication of data. In this context, the simple authentication of an IP address does not guarantee the authenticity of the data, because a hosting server identified by a given IP address is not necessarily the same one that is producing the requested content.
In the context of information-oriented networks, some proposals in the literature propose authentication mechanisms based on the content itself, for example, digital signatures over a data block or the usage of hash trees over data blocks. The main idea of these approaches is to add some information from the original provider in the transported data blocks, for example, a digital signature, enabling data authentication directly with the original provider, regardless of the host where the data was obtained. Although the mechanism mentioned previously allows for such verification, this procedure is very costly in terms of processing, especially when the number of blocks is large, making it unfeasible in practice. This thesis proposes a new authentication mechanism using hash trees in order to provide efficient data authentication and explicitly with the original provider, and also independently of the host where the data were obtained. We propose two techniques for data authentication based on hash trees, called skewed hash tree (SHT) and composite hash tree (CHT), for data authentication in information-oriented networks. Once created, part of the authentication data is stored in a security plane and another part remains attached to the data itself, allowing for the verification based on content and not on the source host. In addition, this thesis presents the formal model, specification and implementation of two hash tree techniques for data authentication in information-centric networks through a security plane. Finally, this thesis details the instantiation of the security plane model in two scenarios of data authentication: 1) Peer-to-Peer and 2) parallel data authentication over HTTP. Doctorate. Computer Engineering. Doctor of Electrical Engineering

    Securing IP Mobility Management for Vehicular Ad Hoc Networks

    The proliferation of Intelligent Transportation Systems (ITSs) applications, such as Internet access and Infotainment, highlights the requirements for improving the underlying mobility management protocols for Vehicular Ad Hoc Networks (VANETs). Mobility management protocols in VANETs are envisioned to support mobile nodes (MNs), i.e., vehicles, with seamless communications, in which service continuity is guaranteed while vehicles are roaming through different RoadSide Units (RSUs) with heterogeneous wireless technologies. Due to its standardization and wide deployment, IP mobility (also called Mobile IP (MIP)) is the most popular mobility management protocol used for mobile networks including VANETs. In addition, because of the diversity of possible applications, the Internet Engineering Task Force (IETF) issues many MIP's standardizations, such as MIPv6 and NEMO for global mobility, and Proxy MIP (PMIPv6) for localized mobility. However, many challenges have been posed for integrating IP mobility with VANETs, including the vehicle's high speeds, multi-hop communications, scalability, and efficiency. From a security perspective, we observe three main challenges: 1) each vehicle's anonymity and location privacy, 2) authenticating vehicles in multi-hop communications, and 3) physical-layer location privacy. In transmitting mobile IPv6 binding update signaling messages, the mobile node's Home Address (HoA) and Care-of Address (CoA) are transmitted as plain-text, hence they can be revealed by other network entities and attackers. The mobile node's HoA and CoA represent its identity and its current location, respectively, therefore revealing an MN's HoA means breaking its anonymity while revealing an MN's CoA means breaking its location privacy. On one hand, some existing anonymity and location privacy schemes require intensive computations, which means they cannot be used in such time-restricted seamless communications.
On the other hand, some schemes only achieve seamless communication through low anonymity and location privacy levels. Therefore, the trade-off between the network performance, on one side, and the MN's anonymity and location privacy, on the other side, makes preservation of privacy a challenging issue. In addition, for PMIPv6 to provide IP mobility in an infrastructure-connected multi-hop VANET, an MN uses a relay node (RN) for communicating with its Mobile Access Gateway (MAG). Therefore, a mutual authentication between the MN and RN is required to thwart authentication attacks early in such scenarios. Furthermore, for a NEMO-based VANET infrastructure, which is used in public hotspots installed inside moving vehicles, protecting physical-layer location privacy is a prerequisite for achieving privacy in upper-layers such as the IP-layer. Due to the open nature of the wireless environment, a physical-layer attacker can easily localize users by employing signals transmitted from these users. In this dissertation, we address those security challenges by proposing three security schemes to be employed for different mobility management scenarios in VANETs, namely, the MIPv6, PMIPv6, and Network Mobility (NEMO) protocols. First, for MIPv6 protocol and based on the onion routing and anonymizer, we propose an anonymous and location privacy-preserving scheme (ALPP) that involves two complementary sub-schemes: anonymous home binding update (AHBU) and anonymous return routability (ARR). In addition, anonymous mutual authentication and key establishment schemes have been proposed, to authenticate a mobile node to its foreign gateway and create a shared key between them. Unlike existing schemes, ALPP alleviates the tradeoff between the networking performance and the achieved privacy level. 
Combining onion routing and the anonymizer in the ALPP scheme increases the achieved location privacy level, in which no entity in the network except the mobile node itself can identify this node's location. Using the entropy model, we show that ALPP achieves a higher degree of anonymity than that achieved by the mix-based scheme. Compared to existing schemes, the AHBU and ARR sub-schemes achieve smaller computation overheads and thwart both internal and external adversaries. Simulation results demonstrate that our sub-schemes have low control-packets routing delays, and are suitable for seamless communications. Second, for the multi-hop authentication problem in PMIPv6-based VANET, we propose EM3A, a novel mutual authentication scheme that guarantees the authenticity of both MN and RN. EM3A thwarts authentication attacks, including Denial of service (DoS), collusion, impersonation, replay, and man-in-the-middle attacks. EM3A works in conjunction with a proposed scheme for key establishment based on symmetric polynomials, to generate a shared secret key between an MN and an RN. This scheme achieves lower revocation overhead than that achieved by existing symmetric polynomial-based schemes. For a PMIP domain with n points of attachment and a symmetric polynomial of degree t, our scheme achieves t x 2^n-secrecy, whereas the existing symmetric polynomial-based authentication schemes achieve only t-secrecy. Computation and communication overhead analysis as well as simulation results show that EM3A achieves low authentication delay and is suitable for seamless multi-hop IP communications. Furthermore, we present a case study of a multi-hop authentication PMIP (MA-PMIP) implemented in vehicular networks. EM3A represents the multi-hop authentication in MA-PMIP to mutually authenticate the roaming vehicle and its relay vehicle. 
Compared to other authentication schemes, we show that our MA-PMIP protocol with EM3A achieves 99.6% and 96.8% reductions in authentication delay and communication overhead, respectively. Finally, we consider the physical-layer location privacy attacks in the NEMO-based VANETs scenario, such as would be presented by a public hotspot installed inside a moving vehicle. We modify the obfuscation, i.e., concealment, and power variability ideas and propose a new physical-layer location privacy scheme, the fake point-cluster based scheme, to prevent attackers from localizing users inside NEMO-based VANET hotspots. Involving the fake point and cluster based sub-schemes, the proposed scheme can: 1) confuse the attackers by increasing the estimation errors of their Received Signal Strength (RSSs) measurements, and 2) prevent attackers' monitoring devices from detecting the user's transmitted signals. We show that our scheme not only achieves higher location privacy, but also increases the overall network performance. Employing correctness, accuracy, and certainty as three different metrics, we analytically measure the location privacy achieved by our proposed scheme. In addition, using extensive simulations, we demonstrate that the fake point-cluster based scheme can be practically implemented in high-speed VANETs' scenarios

    The Prom Problem: Fair and Privacy-Enhanced Matchmaking with Identity Linked Wishes

    In the Prom Problem (TPP), Alice wishes to attend a school dance with Bob and needs a risk-free, privacy preserving way to find out whether Bob shares that same wish. If not, no one should know that she inquired about it, not even Bob. TPP represents a special class of matchmaking challenges, augmenting the properties of privacy-enhanced matchmaking, further requiring fairness and support for identity linked wishes (ILW) – wishes involving specific identities that are only valid if all involved parties have those same wishes. The Horne-Nair (HN) protocol was proposed as a solution to TPP along with a sample pseudo-code embodiment leveraging an untrusted matchmaker. Neither identities nor pseudo-identities are included in any messages or stored in the matchmaker’s database. Privacy relevant data stay within user control. A security analysis and proof-of-concept implementation validated the approach, fairness was quantified, and a feasibility analysis demonstrated practicality in real-world networks and systems, thereby bounding risk prior to incurring the full costs of development. The SecretMatch™ Prom app leverages one embodiment of the patented HN protocol to achieve privacy-enhanced and fair matchmaking with ILW. The endeavor led to practical lessons learned and recommendations for privacy engineering in an era of rapidly evolving privacy legislation. Next steps include design of SecretMatch™ apps for contexts like voting negotiations in legislative bodies and executive recruiting. The roadmap toward a quantum resistant SecretMatch™ began with design of a Hybrid Post-Quantum Horne-Nair (HPQHN) protocol. Future directions include enhancements to HPQHN, a fully Post Quantum HN protocol, and more

    Security and Privacy-Preserving Challenges of e-Health Solutions in Cloud Computing


    Datacenter Traffic Control: Understanding Techniques and Trade-offs

    Datacenters provide cost-effective and flexible access to scalable compute and storage resources necessary for today's cloud computing needs. A typical datacenter is made up of thousands of servers connected with a large network and usually managed by one operator. To provide quality access to the variety of applications and services hosted on datacenters and maximize performance, it is deemed necessary to use datacenter networks effectively and efficiently. Datacenter traffic is often a mix of several classes with different priorities and requirements. This includes user-generated interactive traffic, traffic with deadlines, and long-running traffic. To this end, custom transport protocols and traffic management techniques have been developed to improve datacenter network performance. In this tutorial paper, we review the general architecture of datacenter networks, various topologies proposed for them, their traffic properties, general traffic control challenges in datacenters and general traffic control objectives. The purpose of this paper is to bring out the important characteristics of traffic control in datacenters and not to survey all existing solutions (as it is virtually impossible due to massive body of existing research). We hope to provide readers with a wide range of options and factors while considering a variety of traffic control mechanisms. We discuss various characteristics of datacenter traffic control including management schemes, transmission control, traffic shaping, prioritization, load balancing, multipathing, and traffic scheduling. Next, we point to several open challenges as well as new and interesting networking paradigms. At the end of this paper, we briefly review inter-datacenter networks that connect geographically dispersed datacenters which have been receiving increasing attention recently and pose interesting and novel research problems. Comment: Accepted for Publication in IEEE Communications Surveys and Tutorial

    Secure Schemes for Semi-Trusted Environment

    In recent years, two distributed system technologies have emerged: Peer-to-Peer (P2P) and cloud computing. For the former, the computers at the edge of networks share their resources, i.e., computing power, data, and network bandwidth, and obtain resources from other peers in the same community. Although this technology enables efficiency, scalability, and availability at low cost of ownership and maintenance, peers defined as "like each other" are not wholly controlled by one another or by the same authority. In addition, resources and functionality in P2P systems depend on peer contribution, i.e., storing, computing, routing, etc. These specific aspects raise security concerns and attacks that many researchers try to address. Most solutions proposed by researchers rely on public-key certificates from an external Certificate Authority (CA) or a centralized Public Key Infrastructure (PKI). However, both CA and PKI are contradictory to fully decentralized P2P systems that are self-organizing and infrastructureless. To avoid this contradiction, this thesis concerns the provisioning of public-key certificates in P2P communities, which is a crucial foundation for securing P2P functionalities and applications. We create a framework, named the Self-Organizing and Self-Healing CA group (SOHCG), that can provide certificates without a centralized Trusted Third Party (TTP). In our framework, a CA group is initialized in a Content Addressable Network (CAN) by trusted bootstrap nodes and then grows to a mature state by itself. Based on our group management policies and predefined parameters, the membership in a CA group is dynamic and has a uniform distribution over the P2P community; the size of a CA group is kept to a level that balances performance and acceptable security. The multicast group over an underlying CA group is constructed to reduce communication and computation overhead from collaboration among CA members.
To maintain the quality of the CA group, the honest majority of members is maintained by a Byzantine agreement algorithm, and all shares are refreshed gradually and continuously. Our CA framework has been designed to meet all design goals, being self-organizing, self-healing, scalable, resilient, and efficient. A security analysis shows that the framework enables key registration and certificate issue with resistance to external attacks, i.e., node impersonation, man-in-the-middle (MITM), Sybil, and a specific form of DoS, as well as internal attacks, i.e., CA functionality interference and CA group subversion. Cloud computing is the most recent evolution of distributed systems that enable shared resources like P2P systems. Unlike P2P systems, cloud entities are asymmetric in roles like client-server models, i.e., end-users collaborate with Cloud Service Providers (CSPs) through Web interfaces or Web portals. Cloud computing is a combination of technologies, e.g., SOA services, virtualization, grid computing, clustering, P2P overlay networks, management automation, and the Internet, etc. With these technologies, cloud computing can deliver services with specific properties: on-demand self-service, broad network access, resource pooling, rapid elasticity, measured services. However, these core technologies have their own intrinsic vulnerabilities, so they induce specific attacks to cloud computing. Furthermore, since public clouds are a form of outsourcing, the security of users' resources must rely on CSPs' administration. This situation raises two crucial security concerns for users: locking data into a single CSP and losing control of resources. Providing inter-operations between Application Service Providers (ASPs) and untrusted cloud storage is a countermeasure that can protect users from lock-in with a vendor and losing control of their data.
To meet the above challenge, this thesis proposed a new authorization scheme, named OAuth and ABE based authorization (AAuth), that is built on the OAuth standard and leverages Ciphertext-Policy Attribute Based Encryption (CP-ABE) and ElGamal-like masks to construct ABE-based tokens. The ABE-tokens can facilitate a user-centric approach, end-to-end encryption and end-to-end authorization in semi-trusted clouds. With these facilities, owners can take control of their data resting in semi-untrusted clouds and safely use services from unknown ASPs. To this end, our scheme divides the attribute universe into two disjointed sets: confined attributes defined by owners to limit the lifetime and scope of tokens and descriptive attributes defined by authority(s) to certify the characteristic of ASPs. Security analysis shows that AAuth maintains the same security level as the original CP-ABE scheme and protects users from exposing their credentials to ASP, as OAuth does. Moreover, AAuth can resist both external and internal attacks, including untrusted cloud storage. Since most cryptographic functions are delegated from owners to CSPs, AAuth gains computing power from clouds. In our extensive simulation, AAuth's greater overhead was balanced by greater security than OAuth's. Furthermore, our scheme works seamlessly with storage providers by retaining the providers' APIs in the usual way

    A critical literature review of security and privacy in smart home healthcare schemes adopting IoT & blockchain: problems, challenges and solutions

    Protecting private data in smart homes, a popular Internet-of-Things (IoT) application, remains a significant data security and privacy challenge due to the large-scale development and distributed nature of IoT networks. Recently, smart healthcare has leveraged smart home systems, thereby compounding security concerns in terms of the confidentiality of sensitive and private data and by extension the privacy of the data owner. However, PoA-based Blockchain DLT has emerged as a promising solution for protecting private data from indiscriminate use and thereby preserving the privacy of individuals residing in IoT-enabled smart homes. This review elicits some concerns, issues, and problems that have hindered the adoption of blockchain and IoT (BCoT) in some domains and suggests requisite solutions using the aging-in-place scenario. Implementation issues with BCoT were examined as well as the combined challenges BCoT can pose when utilised for security gains. The study discusses recent findings, opportunities, and barriers, and provides recommendations that could facilitate the continuous growth of blockchain application in healthcare. Lastly, the study then explored the potential of using a PoA-based permission blockchain with an applicable consent-based privacy model for decision-making in the information disclosure process, including the use of publisher-subscriber contracts for fine-grained access control to ensure secure data processing and sharing, as well as ethical trust in personal information disclosure, as a solution direction. The proposed authorisation framework could guarantee data ownership, conditional access management, scalable and tamper-proof data storage, and a more resilient system against threat models such as interception and insider attacks.