Special Signature Schemes and Key Agreement Protocols
This thesis is divided into two distinct parts. The first part of
the thesis explores various deniable signature schemes and their
applications. Such schemes do not bind a unique public key to a
message, but rather specify a set of entities that could have
created the signature, so each entity involved in the signature can
deny having generated it. The main deniable signature schemes we
examine are ring signature schemes.
Ring signatures can be used to construct designated verifier
signature schemes, which are closely related to designated verifier
proof systems. We provide previously lacking formal definitions and
security models for designated verifier proofs and signatures and
examine their relationship to undeniable signature schemes.
Ring signature schemes also have applications in the context of fair
exchange of signatures. We introduce the notion of concurrent
signatures, which can be constructed using ring signatures, and
which provide a "near solution" to the problem of fair exchange.
Concurrent signatures are more efficient than traditional solutions
for fair exchange at the cost of some of the security guaranteed by
traditional solutions.
The second part of the thesis is concerned with the security of
two-party key agreement protocols. It has traditionally been
difficult to prove that a key agreement protocol satisfies a formal
definition of security. A modular approach to constructing provably
secure key agreement protocols was proposed, but the approach
generally results in less efficient protocols.
We examine the relationships between various well-known models of
security and introduce a modular approach to the construction of
proofs of security for key agreement protocols in such security
models. Our approach simplifies the proof process, enabling us to
provide proofs of security for several efficient key agreement
protocols in the literature that were previously unproven.
On Security Notions for Verifiable Encrypted Signature
First we revisit three verifiably encrypted signature schemes, BGLS, MBGLS
and GZZ [2,3,6], and find that none of them is strongly unforgeable. We
remark that existential unforgeability is not sufficient for fair exchange
protocols in most circumstances, so we propose three new verifiably
encrypted signature schemes, NBGLS, MBGLS and NGZZ, which are strongly
unforgeable. We also reconsider two other verifiably encrypted signature
schemes, ZSS and CA [4,8], and find that neither resists a public-key
replacement attack. We therefore suggest that strong unforgeability may be a
better notion than existential unforgeability for verifiably encrypted
signatures, and that checking that the adjudicator knows its own private key
is a necessary step for a secure verifiably encrypted signature scheme.
Bitcoin Transaction Malleability and MtGox
In Bitcoin, transaction malleability describes the fact that the signatures
that prove the ownership of bitcoins being transferred in a transaction do not
provide any integrity guarantee for the signatures themselves. This allows an
attacker to mount a malleability attack in which it intercepts, modifies, and
rebroadcasts a transaction, causing the transaction issuer to believe that the
original transaction was not confirmed. In February 2014 MtGox, once the
largest Bitcoin exchange, closed and filed for bankruptcy claiming that
attackers used malleability attacks to drain its accounts. In this work we use
traces of the Bitcoin network for over a year preceding the filing to show
that, while the problem is real, there was no widespread use of malleability
attacks before the closure of MtGox.
An Elliptic Curve-based Signcryption Scheme with Forward Secrecy
An elliptic curve-based signcryption scheme is introduced in this paper that
effectively combines the functionalities of digital signature and encryption,
and decreases the computational costs and communication overheads in comparison
with the traditional signature-then-encryption schemes. It simultaneously
provides the attributes of message confidentiality, authentication, integrity,
unforgeability, non-repudiation, public verifiability, and forward secrecy of
message confidentiality. Since it is based on elliptic curves and can use any
fast and secure symmetric algorithm for encrypting messages, it has great
advantages to be used for security establishments in store-and-forward
applications and when dealing with resource-constrained devices.
Comment: 13 pages, 5 figures, 2 tables.
Dynamic and Public Evaluation Using Accurate Cloud Data in Imbalance
Customers of cloud services lose control over their data, making it more difficult to ensure its safety. New methods such as provable data possession (PDP) and proofs of retrievability (PoR) have been created as a solution to this problem; however, they are designed to audit static archive material and hence do not take data dynamics into consideration. As an added complication, the threat models used by these schemes often assume the data owner to be trustworthy and focus on identifying a hostile cloud service provider, even though the owner may also misbehave. Thus, there should be a public auditing mechanism that takes data dynamics into account and uses fair means to settle disputes. Specifically, we develop an index switcher to handle data dynamics efficiently by removing the limitation that conventional methods impose by tying block indices to tag computation. We extend existing threat models and use the signature-exchange idea to design fair arbitration mechanisms for resolving future disputes, with the goal of ensuring that no party can act unfairly without being detected. The security analysis indicates that our approach is secure, and the performance evaluation shows that the extra work required for data dynamics and dispute resolution is acceptable.
Proof-of-Prestige: A Useful Work Reward System for Unverifiable Tasks
As cryptographic tokens and altcoins are increasingly being built to serve as
utility tokens, the notion of useful work consensus protocols, as opposed to
number-crunching PoW consensus, is becoming ever more important. In such
contexts, users get rewards from the network after they have carried out some
specific task useful for the network. While in some cases the proof of some
utility or service can be proved, the majority of tasks are impossible to
verify. In order to deal with such cases, we design Proof-of-Prestige (PoP) - a
reward system that can run on top of Proof-of-Stake blockchains. PoP introduces
prestige which is a volatile resource and, in contrast to coins, regenerates
over time. Prestige can be gained by performing useful work, spent when
benefiting from services, and directly translates into users' minting power. PoP is
resistant to Sybil and collusion attacks and can be used to reward workers
for completing unverifiable tasks while keeping the system free for
end-users. We use two exemplar use-cases to showcase the usefulness of PoP and
build a simulator to assess the cryptoeconomic behaviour of the system in
terms of prestige transfer between nodes.
Comment: 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019).
Instantaneous Decentralized Poker
We present efficient protocols for amortized secure multiparty computation
with penalties and secure cash distribution, of which poker is a prime example.
Our protocols have an initial phase where the parties interact with a
cryptocurrency network, that then enables them to interact only among
themselves over the course of playing many poker games in which money changes
hands.
The high efficiency of our protocols is achieved by harnessing the power of
stateful contracts. Compared to the limited expressive power of Bitcoin
scripts, stateful contracts enable richer forms of interaction between standard
secure computation and a cryptocurrency.
We formalize the stateful contract model and the security notions that our
protocols accomplish, and provide proofs using the simulation paradigm.
Moreover, we provide a reference implementation in Ethereum/Solidity for the
stateful contracts that our protocols are based on.
We also adapt our off-chain cash distribution protocols to the special case
of stateful duplex micropayment channels, which are of independent interest. In
comparison to Bitcoin-based payment channels, our duplex channel implementation
is more efficient and has additional features.