
    Efficient Revocable ID-Based Signature With Cloud Revocation Server

    Over the last few years, identity-based cryptosystems (IBC) have attracted widespread attention because they avoid the high overheads associated with public key certificate management. However, an unsolved but critical issue in IBC is how to revoke a misbehaving user. Several revocable identity-based encryption schemes have been proposed recently, but little work on the revocation problem for identity-based signatures has been undertaken so far. One approach to revocation in identity-based settings is to update users' private keys periodically, which is usually done by the key generation center (KGC). With this approach, however, the load on the KGC grows quickly as the number of users increases. In this paper, we propose an efficient revocable identity-based signature (RIBS) scheme in which the revocation functionality is outsourced to a cloud revocation server (CRS). In our approach, most of the computation needed during key updates is offloaded to the CRS. We describe the new framework and security model for the RIBS scheme with a CRS, and we prove that the proposed scheme is existentially unforgeable against adaptively chosen-message and chosen-identity attacks in the random oracle model. Furthermore, we demonstrate that our scheme outperforms previous IBS schemes in terms of lower computation and communication costs.

    A Closer Look at Multiple Forking: Leveraging (In)dependence for a Tighter Bound

    Boldyreva et al. introduced the notion of multiple forking (MF) as an extension of (general) forking to accommodate nested oracle replay attacks. The primary objective of a (multiple) forking algorithm is to separate the oracle replay attack from the actual simulation of the protocol to the adversary, and this is achieved through the intermediary of a so-called wrapper algorithm. Multiple forking has turned out to be a useful tool in the security arguments of several cryptographic protocols. However, a reduction employing the MF Algorithm incurs a significant degradation of O(q^2n), where q denotes the upper bound on the underlying random oracle calls and n the number of forkings. In this work we take a closer look at the reasons for the degradation with a tighter security bound in mind. We nail down the exact set of conditions for the success of the MF Algorithm. A careful analysis of the protocols (and corresponding security arguments) employing multiple forking allows us to relax the overly restrictive conditions of the original MF Algorithm. To achieve this, we combine two consecutive invocations of the underlying wrapper into a single logical unit, the wrapper Z. We then use Z to formulate the notion of dependence and independence among different rounds of the wrapper in the MF Algorithm. The (in)dependence conditions lead to a general framework for multiple forking and a significantly better bound for the MF Algorithm. Leveraging (in)dependence to the full reduces the degradation from O(q^2n) to O(q^n). By implication, the cost of a forking involving two random oracles (augmented forking) matches that involving a single random oracle (elementary forking). Finally, we study the effect of these observations on the security of existing schemes. We conclude that by careful design of the protocol (and of the wrapper in the security reduction) it is possible to harness our observations to the full extent.

    Critical Perspectives on Provable Security: Fifteen Years of Another Look Papers

    We give an overview of our critiques of “proofs” of security and a guide to our papers on the subject that have appeared over the past decade and a half. We also provide numerous additional examples and a few updates and errata.

    Check before storing: what is the performance price of content integrity verification in LRU caching?

    In some network and application scenarios, it is useful to cache content in network nodes on the fly, at line rate. The resilience of in-network caches can be improved by guaranteeing that all content stored in them is valid. Digital signatures could indeed be used to verify content integrity and provenance. However, signature verification may be much slower than the line rate, thus limiting the caching of cryptographically verified objects to a small subset of the forwarded ones. How does this affect caching performance? To answer this question, we devise a simple analytical approach that allows us to assess the performance of an LRU caching strategy that stores only a randomly sampled subset of requests. A key feature of our model is the ability to handle traffic beyond the traditional Independent Reference Model, which lets us understand how performance varies under different temporal locality conditions. Results, also verified on real-world traces, show that content integrity verification does not necessarily bring about a performance penalty; rather, in some specific (but practical) conditions, performance may even improve.
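The effect described in the abstract above can be reproduced with a small constructed simulation, added here as an example; it is not the paper's analytical model, its trace data or its code. It models an LRU cache that forwards every object but stores only those whose signature it had the capacity to verify, with verification applied to a random fraction p of the misses (p = 1.0 is a plain LRU that verifies everything). The class name `SampledLRU`, the helper `polluting_trace`, the capacity and the workload (a few popular objects interleaved with a stream of objects requested exactly once) are all assumptions chosen for illustration. Under that workload the unverified one-hit objects are never admitted, so the sampling acts as an admission filter and the hit ratio can rise rather than fall as p decreases.

```python
"""Constructed simulation (not the paper's model): an LRU cache that stores a
content object only when its signature was verified, and verification capacity
allows checking a random fraction `admit_prob` of the forwarded objects."""
import random
from collections import OrderedDict


class SampledLRU:
    """LRU cache with sampled admission.

    A hit refreshes the object's recency. A miss is always forwarded, but the
    object is cached only if it was selected for (costly) signature
    verification, which happens with probability admit_prob.
    admit_prob == 1.0 is classic LRU; admit_prob == 0.0 never caches anything.
    """

    def __init__(self, capacity, admit_prob, seed=0):
        self.capacity = capacity
        self.admit_prob = admit_prob
        self.rng = random.Random(seed)  # seeded so runs are reproducible
        self.store = OrderedDict()      # key -> None; most recently used last
        self.hits = 0
        self.requests = 0

    def request(self, key):
        """Serve one request; return True on a cache hit, False on a miss."""
        self.requests += 1
        if key in self.store:
            self.store.move_to_end(key)
            self.hits += 1
            return True
        # Miss: cache the object only if it was sampled for verification.
        if self.rng.random() < self.admit_prob:
            if len(self.store) >= self.capacity:
                self.store.popitem(last=False)  # evict least recently used
            self.store[key] = None
        return False

    def hit_ratio(self):
        return self.hits / self.requests if self.requests else 0.0


def run_trace(trace, capacity, admit_prob, seed=0):
    """Replay a request trace through a SampledLRU and return its hit ratio."""
    cache = SampledLRU(capacity, admit_prob, seed)
    for key in trace:
        cache.request(key)
    assert len(cache.store) <= capacity  # capacity invariant
    return cache.hit_ratio()


def polluting_trace(rounds, popular=4):
    """Constructed workload with temporal locality (not a real-world trace):
    `popular` objects requested every round, each followed by a one-hit wonder
    that is never requested again. With capacity == popular and full
    admission, the one-hit wonders evict every popular object before it recurs."""
    trace = []
    unique = 0
    for _ in range(rounds):
        for i in range(popular):
            trace.append(f"popular-{i}")
            trace.append(f"unique-{unique}")
            unique += 1
    return trace


if __name__ == "__main__":
    trace = polluting_trace(rounds=500)
    for p in (1.0, 0.5, 0.2, 0.05):
        print(f"verified fraction p={p:<4}  hit ratio={run_trace(trace, 4, p):.3f}")
```

With capacity 4 and full verification the constructed workload yields a hit ratio of exactly zero, because seven distinct misses separate consecutive requests for the same popular object; admitting only a sampled subset lets popular objects survive in the cache and the hit ratio becomes positive. Whether this happens on real traffic depends on the temporal locality of the trace, which is precisely what the paper's model is built to capture.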

    Tight reduction for generic construction of certificateless signature and its instantiation from DDH assumption

    Certificateless signatures were proposed by Al-Riyami and Paterson to eliminate certificate management in public-key infrastructures and to solve the key escrow problem of identity-based signatures. In 2007, Hu et al. proposed a generic construction of certificateless signatures: they build a certificateless signature scheme from any standard identity-based signature scheme together with any standard signature scheme. However, their security reduction is loose; the security of the constructed scheme degrades with the number of users. In this paper, we give a tight reduction for their construction and instantiate a tightly secure certificateless signature scheme without pairings from the DDH assumption. To the best of our knowledge, this is the first tightly secure certificateless signature scheme.

    Perceptions of Bilingualism and Home Language Maintenance and Loss: A Study of Latino Parents at a San Francisco Bay Area Elementary Charter School

    There is limited research that investigates parent perceptions with respect to their early elementary school children's home language use. To fill the gap in research, this study explores the relationship between first generation Latino parent perspectives of bilingualism, home language maintenance and loss, and the intersection of culture and identity in an elementary school community. It also investigates how parents create an additive bilingual environment in the home. This participatory action research (PAR) study involved group dialogue sessions and individual interviews in order to engage co-researchers and participants. PAR provided this study with the structure and tools to change and improve upon the current problems that some of the participants were experiencing, while capitalizing on ways in which other participants were successfully maintaining the home language. The findings included dialogue transcriptions and summaries organized within generative themes. The participants perceived home language maintenance as an important goal regarding family communication and relationship building, cultural preservation, and a better future in the professional world. Their perceptions of bilingualism and attitudes did influence their children's Spanish maintenance or loss. In addition, the participants' ethnic and social identities had an impact on their own language choice, but not necessarily on that of their children. Finally, the group shared home language maintenance strategies that contributed to an additive bilingual environment in the home, highlighting the Spanish Only rule within the home space, which was perceived to be the most effective method. This study illustrated the complexity of language maintenance and its relationship to the following components: perceptions and attitudes; personal histories, or counterstories; personal paradigms; and social, cultural, and economic factors.
The research concluded with an action plan to share findings with school staff and other Latino parents interested in home language maintenance.

    Biometric Cryptosystems : Authentication, Encryption and Signature for Biometric Identities

    Biometrics have been used for secure identification and authentication for more than two decades, since biometric data is unique, non-transferable, unforgettable, and always with us. Recently, biometrics has pervaded other aspects of security applications that can be grouped under the topic of ``Biometric Cryptosystems''. Although the security of some of these systems is questionable when they are used alone, integration with other technologies such as digital signatures or Identity Based Encryption (IBE) schemes results in cryptographically secure applications of biometrics. It is exactly this field of biometric cryptosystems that we focus on in this thesis. In particular, our goal is to design cryptographic protocols for biometrics in the framework of a realistic security model with a security reduction. Our protocols are designed for biometric-based encryption, signature and remote authentication. We first analyze the recently introduced biometric remote authentication schemes designed according to the security model of Bringer et al. In this model, we show that one can improve the database storage cost significantly by designing a new architecture, which is a two-factor authentication protocol. This construction is also secure against the new attacks we present, which disprove the claimed security of remote authentication schemes, in particular the ones requiring a secure sketch. Thus, we introduce a new notion called ``Weak-identity Privacy'' and propose a new construction by combining cancelable biometrics and distributed remote authentication in order to obtain a highly secure biometric authentication system. We continue our research on biometric remote authentication by analyzing the security issues of multi-factor biometric authentication (MFBA).
We formally describe the security model for MFBA that captures simultaneous attacks against these systems and define the notion of user privacy, where the goal of the adversary is to impersonate a client to the server. We design a new protocol by combining bipartite biotokens, homomorphic encryption and zero-knowledge proofs and provide a security reduction to achieve user privacy. The main difference of this MFBA protocol is that the server-side computations are performed in the encrypted domain, but without requiring a decryption key for the server's authentication decision. Thus, leakage of the secret key of any system component does not affect the security of the scheme, as opposed to current biometric systems involving cryptographic techniques. We also show that there is a tradeoff between the security level the scheme achieves and the requirement of making the authentication decision without using any secret key. In the second part of the thesis, we delve into biometric-based signature and encryption schemes. We start by designing a new biometric IBS system that is based on the currently most efficient pairing-based signature scheme in the literature. We prove the security of our new scheme in the framework of a stronger model compared to existing adversarial models for fuzzy IBS, which basically simulates the leakage of partial secret key components of the challenge identity. In accordance with the novel features of this scheme, we describe a new biometric IBE system called BIO-IBE. BIO-IBE differs from the current fuzzy systems in its key generation method, which not only allows a larger set of encryption systems to function for biometric identities, but also provides better accuracy/identification of the users in the system. In this context, BIO-IBE is the first scheme that allows for the use of multi-modal biometrics to avoid collision attacks.
Finally, BIO-IBE outperforms the current schemes and, for a small universe of attributes, it is secure in the standard model with better efficiency compared to its counterpart. Another contribution of this thesis is the design of biometric IBE systems without using pairings. In fact, current fuzzy IBE schemes are secure under (stronger) bilinear assumptions and the decryption of each message requires a number of pairing computations almost equal to the number of attributes defining the user. Thus, fuzzy IBE makes error-tolerant encryption possible at the expense of efficiency and security. Hence, we design a completely new construction for biometric IBE based on error-correcting codes, generic conversion schemes and weakly secure anonymous IBE schemes that encrypt a message bit by bit. The resulting scheme is anonymous, highly secure and more efficient compared to pairing-based biometric IBE, especially in the decryption phase. The security of our generic construction is reduced to the security of the anonymous IBE scheme, which is based on the Quadratic Residuosity assumption. The binding of biometric features to the user's identity is achieved similarly to BIO-IBE, thus preserving the advantages of its key generation procedure.

    Latino/a First Generation Students in College: A Mixed Methods Review of Four-Decades of Literature

    This research was a mixed methods review of the experiences of Latino/a first generation students in college. Their experiences were identified through a quantitative component that identified what had been published about this demographic and sorted those publications into one of the four decades in which they appeared. This quantitative portion of the research included a review of all published articles on the subject that appeared in four scholarly, peer-reviewed journals, from each journal's inaugural issue to its final issue in December 2020. In total, 5,103 publications were analyzed. The qualitative portion of the research comprised interviews of sixteen Latinos/as who were the first in their families to attend college, four from each of the four decades of research interest. These participants were also identified as having attended a public, private, community college, or HBCU/HSI institution. COVID-19 social distancing mandates were adhered to and interviews were conducted via virtual meeting software. Research findings indicated that financing college was of greatest concern to the research participants across all parameters, and this was corroborated by the number of publications on the topic; this held true for each decade of investigation. Additional areas of mixed-methodological agreement were related to academic preparation; teachers and mentors; family involvement, structure and finances; parental expectations; perseverance, resiliency and persistence; access, assistance and resources; identity; and community college. The findings led to two recommendations for institutional modification related to funding for education and pre-collegiate preparation programs like AVID and Puente. One additional recommendation was made to create a new perspective on universities and their public school partners.

    PATTERNS OF MOLECULAR POPULATION GENETIC AND PHENOTYPIC VARIATION ASSOCIATED WITH URBANIZATION IN THE WESTERN BLACK WIDOW SPIDER

    In urban population genetic studies, the urban fragmentation model predicts that urbanization acts as a barrier that isolates native populations, and can lead to reduced gene flow and increased genetic drift between populations. The “urban facilitation model” predicts that urban areas act as corridors that increase dispersal among urban areas, and can lead to higher genetic diversity within and lower differentiation between urban areas. In a review of the current literature, we found that there is no consistent signature of reduced within-population genetic diversity or increased between-population genetic differentiation. Analyses that investigate urban barriers to gene flow also found no consistent results. Thus, the response to urbanization may be species and city specific. We used social network genetic analyses, which can identify connections that both fragment and facilitate gene flow, to investigate the impact of anthropogenic disturbance on connectivity in a model urban pest of significant medical relevance, the Western black widow spider, Latrodectus hesperus. In comparison to non-urban locales, urban locales have higher within-population genetic diversity, lower between-population genetic differentiation, and higher overall estimates of genetic connectivity. We found that not all cities are highly connected, with specific urban hubs driving gene flow among historically isolated non-urban locales. We compared and contrasted our previous broad-scale patterns of urban gene flow with new fine-scale locale sampling from within three Southwestern U.S. cities. Urban areas have significantly different patterns of connectivity to the overall network that generate contrasting patterns of within- and between-city genetic diversity. There is significant heterogeneity among the fine-scale city samples, such that certain urban hubs are impacting the network of urban and non-urban locales as a whole.
We examined differences in gene expression between three paired urban and non-urban populations in the cephalothorax (metabolism), ovary (fertility), and silk glands (web architecture). There is significant differential expression in each tissue type between urban and non-urban locales, among urban locales and among non-urban locales, and specific to geographic locations independent of urban or non-urban habitat. These results imply that not all cities are created equal, not only with respect to demographic and gene flow patterns but also with respect to phenotypic patterns.