180 research outputs found
Authentication Protocols and Privacy Protection
This dissertation thesis deals with cryptographic means for authentication. Its main topic, however, is not classical authentication protocols, which offer only identity verification, but so-called attribute authentication systems, by means of which users can prove their personal attributes. These attributes can represent any personal information, e.g. age, nationality or place of birth. Attributes can be proven anonymously and with the support of many functions for the protection of digital identity. Such functions include, e.g., the unlinkability of authentication sessions, untraceability, the possibility of selecting which attributes are proven, and efficient revocation. Attribute authentication systems are already considered the successors of current systems in the official strategic plans of the USA (NSTIC) and the EU (ENISA). Part of the required functions is already supported by existing cryptographic concepts such as U-Prove and idemix. At present, however, no system is known that provides all the necessary functions for protecting digital identity and is at the same time practically implementable on devices such as smart cards. The key weaknesses of current systems include in particular the missing unlinkability of sessions and the absence of revocation. It is thus not possible to efficiently invalidate expired users, lost or stolen authentication cards, or the cards of malicious users. For these reasons, this thesis proposes a cryptographic scheme that solves the weaknesses found in the analysis of existing solutions. The resulting scheme, whose design is based on proven primitives such as Σ-protocols for proofs of knowledge, cryptographic commitments and verifiable encryption, supports all the required properties for the protection of privacy and digital identity. At the same time, the design is easily implementable in the smart-card environment.
This thesis contains the full cryptographic design of the system, the formal verification of its key properties, a mathematical model of the scheme in Mathematica for verifying its functionality, and the results of an experimental implementation in the .NET smart-card environment. Even though the proposed system supports all privacy-protecting functions, including those missing in existing systems, its computational complexity remains the same or lower, so the user verification time is shorter than in existing systems. The result is a scheme that can very significantly increase the privacy protection of users during their verification, especially when used in electronic documents, access systems or Internet services.
This dissertation thesis deals with the cryptographic constructions for user authentication. Rather than classical authentication protocols which allow only the identity verification, the attribute authentication systems are the main topic of this thesis. The attribute authentication systems allow users to give proofs about the possession of personal attributes. These attributes can represent any personal information, for example age, nationality or birthplace. The attribute ownership can be proven anonymously and with the support of many features for digital identity protection. These features include, e.g., the unlinkability of verification sessions, untraceability, selective disclosure of attributes or efficient revocation. Currently, the attribute authentication systems are considered to be the successors of existing authentication systems by the official strategies of USA (NSTIC) and EU (ENISA). The necessary features are partially provided by existing cryptographic concepts like U-Prove and idemix. But at this moment, there is no system providing all privacy-enhancing features which is implementable on computationally restricted devices like smart-cards.
Among all weaknesses of existing systems, the missing unlinkability of verification sessions and the absence of practical revocation are the most critical ones. Without these features, it is currently impossible to invalidate expired users, lost or stolen authentication cards and cards of malicious users. Therefore, a new cryptographic scheme is proposed in this thesis to fix the weaknesses of existing schemes. The resulting scheme, which is based on established primitives like Σ-protocols for proofs of knowledge, cryptographic commitments and verifiable encryption, supports all privacy-enhancing features. At the same time, the scheme is easily implementable on smart-cards. This thesis includes the full cryptographic specification, the formal verification of key properties, the mathematical model for functional verification in Mathematica software and the experimental implementation on .NET smart-cards. Although the scheme supports all privacy-enhancing features which are missing in related work, the computational complexity is the same or lower, thus the time of verification is shorter than in existing systems. With all these features and properties, the resulting scheme can significantly improve the privacy of users during their verification, especially when used in electronic ID systems, access systems or Internet services.
Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs
Today, digital identity management for individuals is either inconvenient and
error-prone or creates undesirable lock-in effects and violates privacy and
security expectations. These shortcomings inhibit the digital transformation in
general and seem particularly concerning in the context of novel applications
such as access control for decentralized autonomous organizations and
identification in the Metaverse. Decentralized or self-sovereign identity (SSI)
aims to offer a solution to this dilemma by empowering individuals to manage
their digital identity through machine-verifiable attestations stored in a
"digital wallet" application on their edge devices. However, when presented to
a relying party, these attestations typically reveal more attributes than
required and allow tracking end users' activities. Several academic works and
practical solutions exist to reduce or avoid such excessive information
disclosure, from simple selective disclosure to data-minimizing anonymous
credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that
the SSI solutions that are currently built with anonymous credentials still
lack essential features such as scalable revocation, certificate chaining, and
integration with secure elements. We then argue that general-purpose ZKPs in
the form of zk-SNARKs can appropriately address these pressing challenges. We
describe our implementation and conduct performance tests on different edge
devices to illustrate that the performance of zk-SNARK-based anonymous
credentials is already practical. We also discuss further advantages that
general-purpose ZKPs can easily provide for digital wallets, for instance, to
create "designated verifier presentations" that facilitate new design options
for digital identity infrastructures that previously were not accessible
because of the threat of man-in-the-middle attacks.
BlockVerify: Privacy-Preserving Zero-Knowledge Credentials Verification Framework on Ethereum
We present a general purpose, privacy-preserving framework for verifying user attributes. The framework is designed for users (e.g., a job candidate) to allow a challenger (e.g., a prospective employer) to verify whether the user meets a particular requirement (e.g., does the candidate hold a valid driving license?), without leaking any other information about the user. Importantly, the user is an active part of the challenge-verification process, which ensures that challenges cannot be made without the user's full knowledge and participation. The framework is decentralized and requires a public blockchain. A smart contract is used to manage the challenge-verification process, and zero-knowledge proofs are used to verify challenges in a privacy-preserving manner. We implement a simplified version of the framework using smart contracts deployed on the Ethereum blockchain, and we simulate some simple use cases. All simulation code is available open-source (https://github.com/lifeisbeer/BlockVerify).
Improved Identity Management with Verifiable Credentials and FIDO
We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. We describe our conceptual model and architecture, and the protocol we used by extending FIDO's UAF in order to provide both strong authentication and strong authorization. We built a pilot implementation for U.K. NHS patients to validate our implementation. Patients were able to use a mobile phone with a fingerprint reader to access restricted NHS sites in order to make and cancel appointments and order repeat prescription drugs. Our initial user trials with 10 U.K. NHS patients found the system to be easy to use, and fingerprints to be preferable to using usernames and passwords for authentication.
Anonymous Attribute-Based Credentials in Collaborative Indoor Positioning Systems
Collaborative Indoor Positioning Systems have recently received considerable attention, mainly because they address some of the existing limitations of traditional Indoor Positioning Systems. In Collaborative Indoor Positioning Systems, Bluetooth Low Energy can be used to exchange positioning data and provide information (the Received Signal Strength Indicator) to establish the relative distance between the actors. The collaborative models exploit the position of actors and the relative position among them to allow positioning to external actors or improve the accuracy of the existing actors. However, the traditional protocols (e.g. iBeacon) are not yet ready for providing sufficient privacy protection. Therefore, this paper deals with privacy-enhancing technologies and their application in Collaborative Indoor Positioning Systems. In particular, we focus on cryptographic schemes which allow the verification of users without their identification, so-called Anonymous Attribute-Based Credentials schemes. As the main contribution, we present a cryptographic scheme that allows secure and privacy-friendly sharing of location information sent through Bluetooth Low Energy advertising packets. In order to demonstrate the practicality of our scheme, we also present the results from our implementation and benchmarks on different devices.
Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks
DisertaÄnĂ prĂĄce se zabĂœvĂĄ kryptografickĂœmi protokoly poskytujĂcĂ ochranu soukromĂ, kterĂ© jsou urÄeny pro zabezpeÄenĂ komunikaÄnĂch a informaÄnĂch systĂ©mĆŻ tvoĆĂcĂch heterogennĂ sĂtÄ. PrĂĄce se zamÄĆuje pĆedevĆĄĂm na moĆŸnosti vyuĆŸitĂ nekonvenÄnĂch kryptografickĂœch prostĆedkĆŻ, kterĂ© poskytujĂ rozĆĄĂĆenĂ© bezpeÄnostnĂ poĆŸadavky, jako je napĆĂklad ochrana soukromĂ uĆŸivatelĆŻ komunikaÄnĂho systĂ©mu. V prĂĄci je stanovena vĂœpoÄetnĂ nĂĄroÄnost kryptografickĂœch a matematickĂœch primitiv na rĆŻznĂœch zaĆĂzenĂch, kterĂ© se podĂlĂ na zabezpeÄenĂ heterogennĂ sĂtÄ. HlavnĂ cĂle prĂĄce se zamÄĆujĂ na nĂĄvrh pokroÄilĂœch kryptografickĂœch protokolĆŻ poskytujĂcĂch ochranu soukromĂ. V prĂĄci jsou navrĆŸeny celkovÄ tĆi protokoly, kterĂ© vyuĆŸĂvajĂ skupinovĂœch podpisĆŻ zaloĆŸenĂœch na bilineĂĄrnĂm pĂĄrovĂĄnĂ pro zajiĆĄtÄnĂ ochrany soukromĂ uĆŸivatelĆŻ. Tyto navrĆŸenĂ© protokoly zajiĆĄĆ„ujĂ ochranu soukromĂ a nepopiratelnost po celou dobu datovĂ© komunikace spolu s autentizacĂ a integritou pĆenĂĄĆĄenĂœch zprĂĄv. Pro navĂœĆĄenĂ vĂœkonnosti navrĆŸenĂœch protokolĆŻ je vyuĆŸito optimalizaÄnĂch technik, napĆ. dĂĄvkovĂ©ho ovÄĆovĂĄnĂ, tak aby protokoly byly praktickĂ© i pro heterogennĂ sĂtÄ.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. 
These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.
Leak-Free Mediated Group Signatures
Group signatures are a useful cryptographic construct for privacy-preserving non-repudiable authentication, and there have been many group signature schemes. In this paper, we introduce a variant of group signatures that offers two new security properties called leak-freedom and immediate-revocation. Intuitively, the former ensures that an insider (i.e., an authorized but malicious signer) is unable to convince an outsider (e.g., a signature receiver) that she indeed signed a certain message; whereas the latter ensures that the authorization for a user to issue group signatures can be immediately revoked whenever the need arises (temporarily or permanently). These properties are not offered in existing group signature schemes, nor captured by their security definitions. However, these properties might be crucial to a large class of enterprise-centric applications because they are desirable from the perspective of the enterprises who adopt group signatures or are the group signature liability-holders (i.e., will be held accountable for the consequences of group signatures). In addition to introducing these new securit
Trollthrottle -- Raising the Cost of Astroturfing
Astroturfing, i.e., the fabrication of public discourse by private or
state-controlled sponsors via the creation of fake online accounts, has become
incredibly widespread in recent years. It gives a disproportionally strong
voice to wealthy and technology-savvy actors, permits targeted attacks on
public forums and could in the long run harm the trust users have in the
internet as a communication platform. Countering these efforts without
deanonymising the participants has not yet proven effective; however, we can
raise the cost of astroturfing. Following the principle `one person, one
voice', we introduce Trollthrottle, a protocol that limits the number of
comments a single person can post on participating websites. Using direct
anonymous attestation and a public ledger, the user is free to choose any
nickname, but the number of comments is aggregated over all posts on all
websites, no matter which nickname was used. We demonstrate the deployability
of Trollthrottle by retrofitting it to the popular news aggregator website
Reddit and by evaluating the cost of deployment for the scenario of a national
newspaper (168k comments per day), an international newspaper (268k c/d) and
Reddit itself (4.9M c/d).
Issuer-Hiding Attribute-Based Credentials
Attribute-based credential systems enable users to authenticate in a privacy-preserving manner.
However, in such schemes verifying a user's credential requires knowledge of the issuer's public key, which by itself might already reveal private information about the user.
In this paper, we tackle this problem by introducing the notion of issuer-hiding attribute-based credential systems.
In such a system, the verifier can define a set of acceptable issuers in an ad-hoc manner, and the user can then prove that her credential was issued by one of the accepted issuers -- without revealing which one.
We then provide a generic construction, as well as a concrete instantiation based on Groth's structure preserving signature scheme (ASIACRYPT'15) and simulation-sound extractable NIZK, for which we also provide concrete benchmarks in order to prove its practicability.
The online complexity of all constructions is independent of the number of acceptable verifiers, which makes it also suitable for highly federated scenarios.
Readiness of Anonymous Credentials for Real Environment Deployment
Attribute-based Credentials (ABCs) are a promising technology for protecting users' privacy and digital identity. We can use ABCs in a multitude of contexts. For instance, we can prove the validity of transportation tickets, demonstrate the legal age, prove the health status, or prove access rights in the company environment. All of this, we can do without disclosing complete personal identity. Nevertheless, ABCs generally require computational power that some wearable devices cannot cope with. In this paper, we present our implementation of a privacy-enhancing authentication system based on ABCs technology. The system is suitable for deployment in real-world scenarios and uses a wide range of differently powerful user devices (e.g., smart cards, smartphones, and wearables). Based on our implementation results, we also discuss the implementation aspects of ABCs, their readiness, and usability in real-world applications.