A Secure Cooperative Sensing Protocol for Cognitive Radio Networks

Cognitive radio networks sense spectrum occupancy and manage themselves to operate in unused bands without disturbing licensed users. Spectrum sensing is more accurate if jointly performed by several reliable nodes. Even though cooperative sensing is an active area of research, the secure authentication of local sensing reports remains unsolved, thus empowering false results. This paper presents a distributed protocol based on digital signatures and hash functions, and an analysis of its security features. The system allows determining a final sensing decision from multiple sources in a quick and secure way.Las redes de radio cognitiva detectora de espectro se las arreglan para operar en las nuevas bandas sin molestar a los usuarios con licencia. La detección de espectro es más precisa si el conjunto está realizado por varios nodos fiables. Aunque la detección cooperativa es un área activa de investigación, la autenticación segura de informes locales de detección no ha sido resuelta, por lo tanto se pueden dar resultados falsos. Este trabajo presenta un protocolo distribuido basado en firmas digitales y en funciones hash, y un análisis de sus características de seguridad. El sistema permite determinar una decisión final de detección de múltiples fuentes de una manera rápida y segura.Les xarxes de ràdio cognitiva detectora d'espectre se les arreglen per operar en les noves bandes sense destorbar els usuaris amb llicència. La detecció d'espectre és més precisa si el conjunt està realitzat per diversos nodes fiables. Encara que la detecció cooperativa és una àrea activa d'investigació, l'autenticació segura d'informes locals de detecció no ha estat resolta, per tant es poden donar resultats falsos. Aquest treball presenta un protocol distribuït basat en signatures digitals i en funcions hash, i una anàlisi de les seves característiques de seguretat. El sistema permet determinar una decisió final de detecció de múltiples fonts d'una manera ràpida i segura

Design and Implementation on Helix Platform of Multicast Source Authentication Scheme Based on One-time Signature

组播技术实现了网络中点到多点的高效数据传送。因为组播能够有效地节约网络带宽、降低网络负载，所以在实时数据传送、多媒体会议、数据拷贝、游戏和仿真等诸多方面都有广泛的应用。安全问题是任何网络协议都需要考虑的一个基本问题，组播安全与单播情况下的安全有许多不同。组播源认证，即在组播环境下认证每个包的来源，是组播安全的一个重要课题。单播情况下的解决方法，如MAC（消息认证码），无法在组播环境下使用。一次签名是一类基于无陷门单向函数的快速的数字签名，结合使用Merkle树来进行密钥管理，可用来构造组播源认证方案。一次签名方案的缺陷在于公钥较长，从而导致认证信息较长。本文的第一个工作是提出使用Merkle树...Multicast is an effective mean to transport data from one point to multiple points on networks. Multicast reduces network overload and saves bandwidth, so it has been found a lot applications, such as real-time data transportation, multi-media conferences, data backup, games and simulations. Security is a fundamental problem of any network protocols. Multicast security is quite different from U...学位：工学硕士院系专业：计算机与信息工程学院计算机科学系_计算机应用技术学号：20032800

DocCert: Nostrification, Document Verification and Authenticity Blockchain Solution

Many institutions and organizations require nostrification and verification of qualification as a prerequisite for hiring. The idea is to recognize the authenticity of a copy or digital document issued by an institution in a foreign country and detect forgeries. Certificates, financial records, health records, official papers and others are often required to be attested from multiple entities in distinct locations. However, in this digital era where most applications happen online, and document copies are uploaded, the traditional signature and seal methods are obsolete. In a matter of minutes and with a simple photo editor, a certificate or document copy may be plagiarized or forged. Blockchain technology offers a decentralized approach to record and verify transactions without the need for huge infrastructure investment. In this paper, we propose a blockchain based nostrification system, where awarding institutions generate a digital certificate, store in a public but permissioned blockchain, where students and other stakeholders may verify. We present a thorough discussion and formal evaluation of the proposed system.Comment: The Fifth International Conference on Blockchain Computing and Applications (BCCA 2023), held in Conjunction with Kuwait Fintech and Blockchain Summit 2023, 24,26 Oct 2023, Kuwait City, Kuwai

Enhancing transaction verification through pruned merkle tree in blockchain

A Merkle tree is a data structure employed within Blockchain technology to securely verify information or transactions within a vast data collection. This paper proposes a new and improved verification method, Pruned Merkle Tree (PMT), for hash nodes marching to the Merkle Root in a Minimal duration. PMT is a unique mechanism for verifying unpaired transactions in a block. The future influence of cryptocurrency will be immense, and PMT showcases its effectiveness in terms of transaction speed and node repetition. Our method allows any block to validate the full availability of transactions without repeating hash nodes and focuses on improving the transaction process through the Pruned Merkle Tree and achieving remarkable results. To assess the performance of the proposed system, we used Hyperledger Caliper, a benchmarking tool specifically designed for measuring the performance of Hyperledger-based blockchain solutions. The evaluation results show a significant improvement in throughput, with a value of 30450kbps recorded. The processing time has also increased noticeably, reaching 1660ms. Security measures have also been strengthened, yielding an impressive 99.60%. The energy consumption factor plays a crucial role, and the PMT exhibits the lowest value at 235 joules. Keywords: Blockchain, Merkle Tree, Pruned Merkle Tree, Security, Transaction Verificatio

Fast Verification of Hash Chains

mfischlin @ cs.ucsd.ed

Dynamic proofs of retrievability with low server storage

Proofs of Retrievability (PoRs) are protocols which allow a client to store data remotely and to efficiently ensure, via audits, that the entirety of that data is still intact. A dynamic PoR system also supports efficient retrieval and update of any small portion of the data. We propose new, simple protocols for dynamic PoR that are designed for practical efficiency, trading decreased persistent storage for increased server computation, and show in fact that this tradeoff is inherent via a lower bound proof of time-space for any PoR scheme. Notably, ours is the first dynamic PoR which does not require any special encoding of the data stored on the server, meaning it can be trivially composed with any database service or with existing techniques for encryption or redundancy. Our implementation and deployment on Google Cloud Platform demonstrates our solution is scalable: for example, auditing a 1TB file takes just less than 5 minutes and costs less than $0.08 USD. We also present several further enhancements, reducing the amount of client storage, or the communication bandwidth, or allowing public verifiability, wherein any untrusted third party may conduct an audit

Distributed authorization in loosely coupled data federation

The underlying data model of many integrated information systems is a collection of inter-operable and autonomous database systems, namely, a loosely coupled data federation. A challenging security issue in designing such a data federation is to ensure the integrity and confidentiality of data stored in remote databases through distributed authorization of users. Existing solutions in centralized databases are not directly applicable here due to the lack of a centralized authority, and most solutions designed for outsourced databases cannot easily support frequent updates essential to a data federation. In this thesis, we provide a solution in three steps. First, we devise an architecture to support fully distributed, fine-grained, and data-dependent authorization in loosely coupled data federations. For this purpose, we adapt the integrity-lock architecture originally designed for multilevel secure databases to data federations. Second, we propose an integrity mechanism to detect, localize, and verify updates of data stored in remote databases while reducing communication overhead and limiting the impact of unauthorized updates. We realize the mechanism as a three-stage procedure based on a grid of Merkle Hash Trees built on relational tables. Third, we present a confidentiality mechanism to control remote users' accesses to sensitive data while allowing authorization policies to be frequently updated. We achieve this objective through a new over-encryption scheme based on secret sharing. Finally, we evaluate the proposed architecture and mechanisms through experiments

Blockchain, confiança e direito : um pouco além do alarde

Trabalho de Conclusão de Curso (graduação)—Universidade de Brasília, Faculdade de Direito, 2019.Este trabalho se destina a analisar a relevância das Tecnologias de Registro Distribuído, com ênfase no Blockchain, para o Direito, tendo em vista as grandes expectativas sobre essas tecnologias em nível mundial. Para isso, buscou-se uma definição de confiança aplicável ao tema e a correlação entre Direito e Tecnologia. Além de livros e artigos científicos, a pesquisa foi feita também em portais de notícias especializados, dada a atualidade do assunto e, quando cabível, também em itens do ordenamento jurídico brasileiro e internacional. Como resultado, identificou-se a relevância desse novo conjunto de tecnologias em relação ao Direito e algumas de suas limitações quanto a questões de privacidade. Não se trata de um tema fechado e ainda não há consenso sobre como tratar o assunto e suas ramificações. Particularmente com a popularidade crescente das moedas criptográficas, percebe-se uma lacuna de atuação estatal. Assim, é necessário que se mantenha o foco no cerne da questão: confiança.Distributed Ledger Technologies (DLTs), especially Bitcoin´s Blockchain, seems to be a worldwide hype. To understand the relevance of such technologies with Law and thus, for a better understanding of the reasons behind the hype, it is necessary to understand the fundamental sociological quest for trust. In order to harden this understanding, a definition for trust must be found and be broad enough to satisfy both Law and Tech. Since this theme is a new one, in addition to books and scientific articles, this research was also conducted in specialized news portals. As a result, we identified where lies the relevance of this new set of technologies in its convergence with Law and some technological limitations regarding privacy issues. The matter is far from being fulfilled. So far, there is no consensus on how to address the issue and its ramifications. Particularly with the growing popularity of crypto currencies, there is a huge regulation gap. Therefore, the ultimate focus is understanding the underlying\ud matter: trust