12 research outputs found
The Elgamal Cryptosystem is better than The RSA Cryptosystem for Mental Poker
Cryptosystems are one of the most important parts of secure online poker card games. However, there is no research comparing the RSA Cryptosystem (RC) and Elgamal Cryptosystem (EC) for mental poker card games. This paper compares the RSA Cryptosystem and Elgamal Cryptosystem implementations of mental poker card games using distributed key generation schemes. Each implementation is based on a joint encryption/decryption of individual cards. Both implementations use shared private key encryption/decryption schemes, and neither uses a trusted third party (TTP). The comparison criteria concentrate on the security and computational complexity of the game, collusion among the players, and the debate between the discrete logarithm problem (DLP) and the factoring problem (FP) for the encryption/decryption schemes. Under these criteria, the comparison results demonstrate that the Elgamal Cryptosystem has better efficiency and effectiveness than RSA for mental poker card games.
A NOVEL APPROACH FOR VERIFIABLE SECRET SHARING IN PROACTIVE NETWORK USING RSA
We consider perfect verifiable secret sharing (VSS) in a synchronous network of n processors (players) where a designated player called the dealer wishes to distribute a secret s among the players in a way that none of them obtain any information, but any t + 1 players obtain full information about the secret. The round complexity of a VSS protocol is defined as the number of rounds performed in the sharing phase. Gennaro, Ishai, Kushilevitz and Rabin showed that three rounds are necessary and sufficient when n > 3t. Sufficiency, however, was only demonstrated by means of an inefficient (i.e., exponential-time) protocol, and the construction of an efficient three-round protocol was left as an open problem. In this paper, we present an efficient three-round protocol for VSS. The solution is based on a three-round solution of so-called weak verifiable secret sharing (WSS), for which we also prove that three rounds are a lower bound. Furthermore, we also demonstrate that one round is sufficient for WSS when n > 4t, and that VSS can be achieved in 1 + ε amortized rounds (for any ε > 0) when n > 3t.
Dynamic coalitions: a new paradigm in the field of distributed computer and communication systems. Part 2. A survey and comparative characterization of practical methods for building dynamic coalition environments
This article continues the survey devoted to information security in group coalition associations. Existing practical approaches to building various coalition environments are examined, and a comparative characterization of them is given. This work proceeds with the review of security issues present in dynamic coalition environments. A description of modern practical approaches to the problem of building dynamic coalitions is proposed, and a comparison of these approaches is also presented.
Blockchain based End-to-end Tracking System for Distributed IoT Intelligence Application Security Enhancement
IoT devices provide a rich data source that was not available in the past, which is valuable for a wide range of intelligence applications, especially deep neural network (DNN) applications that are data-hungry. An established DNN model in turn provides useful analysis results that can improve the operation of IoT systems. The progress in distributed/federated DNN training further unleashes the potential of integrating IoT and intelligence applications. When a large number of IoT devices are deployed in different physical locations, distributed training allows training modules to be deployed to multiple edge data centers that are close to the IoT devices, reducing the latency and the movement of large amounts of data. In practice, these IoT devices and edge data centers are usually owned and managed by different parties, who do not fully trust each other or have conflicting interests. It is hard to coordinate them to provide end-to-end integrity protection of the DNN construction and application with classical security enhancement tools. For example, one party may share an incomplete data set with others, or contribute a modified sub-DNN model to manipulate the aggregated model and affect the decision-making process. To mitigate this risk, we propose a novel blockchain-based end-to-end integrity protection scheme for DNN applications integrated with an IoT system in the edge computing environment. The protection system leverages a set of cryptographic primitives to build a blockchain adapted for edge computing that is scalable to handle a large number of IoT devices. The customized blockchain is integrated with a distributed/federated DNN to offer integrity and authenticity protection services.
Robust distributed symmetric-key encryption
In distributed symmetric-key encryption (DiSE), a set of n distributed servers share a key (or key set), and any t, t <= n, servers can collectively use the shared key (or key set) in a DiSE transaction to encrypt a message or decrypt a ciphertext without reconstructing the shared key (or key set). Each participating server contributes one or more partial results, and one participating server, called the initiator, combines all partial results into a final result. An adversary who has compromised up to (t-1) servers will not be able to access the shared key (or key set).
Due to the distributed nature of DiSE, a DiSE server that has been compromised by an adversary may return wrong partial results to the initiator. Worse, multiple DiSE servers compromised by the same adversary may collude to send back wrong partial results. In this article we develop a robust DiSE that allows an honest initiator to detect wrong partial results by an adversary. The robustness of our DiSE is built through redundant computation. Our robust DiSE can detect wrong partial results by an adversary who has compromised up to min(t-1, n-t) servers. Next, the honest-initiator assumption is removed by rotating the initiator role among active servers across multiple DiSE transactions. A scalable, industry-level implementation of the robust DiSE has been developed, and two cases, (t=3, n=5) and (t=16, n=24), have been tested to show the feasibility of robust DiSE. Our robust DiSE can be used to build intrusion-tolerant applications, such as intrusion-tolerant database encryption.
Final report for the mobile node authentication LDRD project.
In hostile ad hoc wireless communication environments, such as battlefield networks, end-node authentication is critical. In a wired infrastructure, this authentication service is typically facilitated by a centrally located "authentication certificate generator" such as a Certificate Authority (CA) server. This centralized approach is ill-suited to meet the needs of mobile ad hoc networks, such as those required by military systems, because of their unpredictable connectivity and dynamic routing. There is a need for a secure and robust approach to mobile node authentication. Current mechanisms either assign a pre-shared key (shared by all participating parties) or require that each node retain a collection of individual keys that are used to communicate with other individual nodes. Both of these approaches have scalability issues and allow a single compromised node to jeopardize the entire mobile node community. In this report, we propose replacing the centralized CA with a distributed CA whose responsibilities are shared between a set of select network nodes. To that end, we develop a protocol that relies on threshold cryptography to perform the fundamental CA duties in a distributed fashion. The protocol is meticulously defined and implemented in a series of detailed models. Using these models, mobile wireless scenarios were created on a communication simulator to test the protocol in an operational environment and to gather statistics on its scalability and performance.
Threshold signatures for electoral processes
This report aims to summarize and structure the conclusions derived from a study of the possibilities that threshold RSA signatures offer in electronic voting processes.
Its objectives have been:
* To study the state of the art regarding threshold RSA signatures.
* To develop a complete RSA signature protocol that is distributed and robust.
* To determine the feasibility of that protocol and its performance.
* To propose improvements for future research in this field. The objective of this project is to design a practical and secure protocol for producing threshold signatures in the context of electoral processes.