New Conditional Privacy-preserving Encryption Schemes in Communication Network

Nowadays the communication networks have acted as nearly the most important fundamental infrastructure in our human society. The basic service provided by the communication networks are like that provided by the ubiquitous public utilities. For example, the cable television network provides the distribution of information to its subscribers, which is much like the water or gas supply systems which distribute the commodities to citizens. The communication network also facilitates the development of many network-based applications such as industrial pipeline controlling in the industrial network, voice over long-term evolution (VoLTE) in the mobile network and mixture reality (MR) in the computer network, etc. Since the communication network plays such a vital role in almost every aspect of our life, undoubtedly, the information transmitted over it should be guarded properly. Roughly, such information can be categorized into either the communicated message or the sensitive information related to the users. Since we already got cryptographical tools, such as encryption schemes, to ensure the confidentiality of communicated messages, it is the sensitive personal information which should be paid special attentions to. Moreover, for the benefit of reducing the network burden in some instances, it may require that only communication information among legitimated users, such as streaming media service subscribers, can be stored and then relayed in the network. In this case, the network should be empowered with the capability to verify whether the transmitted message is exchanged between legitimated users without leaking the privacy of those users. Meanwhile, the intended receiver of a transmitted message should be able to identify the exact message sender for future communication. In order to cater to those requirements, we re-define a notion named conditional user privacy preservation. In this thesis, we investigate the problem how to preserve user conditional privacy in pubic key encryption schemes, which are used to secure the transmitted information in the communication networks. In fact, even the term conditional privacy preservation has appeared in existing works before, there still have great differences between our conditional privacy preservation definition and the one proposed before. For example, in our definition, we do not need a trusted third party (TTP) to help tracing the sender of a message. Besides, the verification of a given encrypted message can be done without any secret. In this thesis, we also introduce more desirable features to our redefined notion user conditional privacy preservation. In our second work, we consider not only the conditional privacy of the message sender but also that of the intended message receiver. This work presents a new encryption scheme which can be implemented in communication networks where there exists a blacklist containing a list of blocked communication channels, and each of them is established by a pair of sender and receiver. With this encryption scheme, a verifier can confirm whether one ciphertext is belonging to a legitimated communication channel without knowing the exact sender and receiver of that ciphertext. With our two previous works, for a given ciphertext, we ensure that no one except its intended receiver can identify the sender. However, the receiver of one message may behave dishonest when it tries to retrieve the real message sender, which incurs the problem that the receiver of a message might manipulate the origin of the message successfully for its own benefit. To tackle this problem, we present a novel encryption scheme in our third work. Apart from preserving user conditional privacy, this work also enforces the receiver to give a publicly verifiable proof so as to convince others that it is honest during the process of identifying the actual message sender. In our forth work, we show our special interest in the access control encryption, or ACE for short, and find this primitive can inherently achieve user conditional privacy preservation to some extent. we present a newly constructed ACE scheme in this work, and our scheme has advantages over existing ACE schemes in two aspects. Firstly, our ACE scheme is more reliable than existing ones since we utilize a distributed sanitizing algorithm and thus avoid the so called single point failure happened in ACE systems with only one sanitizer. Then, since the ciphertext and key size of our scheme is more compact than that of the existing ACE schemes, our scheme enjoys better scalability

On Structural Signatures for Tree Data Structures

Abstract. In this paper, we present new attacks on the redactable signature scheme introduced by Kundu and Bertino at VLDB '08. This extends the work done by Brzuska et al. at ACNS '10 and Samelin et al. at ISPEC '12. The attacks address unforgeability, transparency and privacy. Based on the ideas of Kundu and Bertino, we introduce a new provably secure construction. The corresponding security model is more flexible than the one introduced by Brzuska et al. Moreover, we have implemented schemes introduced by Brzuska et al. and Kundu and Bertino. The evaluation shows that schemes with a quadratic complexity become unuseable very fast

Key Exchange in the Post-Snowden Era: UC Secure Subversion-Resilient PAKE

Password-Authenticated Key Exchange (PAKE) allows two parties to establish a common high-entropy secret from a possibly low-entropy pre-shared secret such as a password. In this work, we provide the first PAKE protocol with subversion resilience in the framework of universal composability (UC), where the latter roughly means that UC security still holds even if one of the two parties is malicious and the honest party\u27s code has been subverted (in an undetectable manner). We achieve this result by sanitizing the PAKE protocol from oblivious transfer (OT) due to Canetti et al. (PKC\u2712) via cryptographic reverse firewalls in the UC framework (Chakraborty et al., EUROCRYPT\u2722). This requires new techniques, which help us uncover new cryptographic primitives with sanitation-friendly properties along the way (such as OT, dual-mode cryptosystems, and signature schemes). As an additional contribution, we delve deeper in the backbone of communication required in the subversion-resilient UC framework, extending it to the unauthenticated setting, in line with the work of Barak et al. (CRYPTO\u2705)

Computing on Authenticated Data for Adjustable Predicates

The notion of P-homomorphic signatures, introduced by Ahn et al. (TCC 2012), generalizes various approaches for public computations on authenticated data. For a given predicate P anyone can derive a signature for a message m\u27 from the signatures of a set of messages M, as long as P(M,m\u27)=1. This definition hence comprises notions and constructions for concrete predicates P such as homomorphic signatures and redactable signatures. In our work we address the question of how to combine Pi-homomorphic schemes for different predicates P1,P2,... to create a richer and more flexible class of supported predicates. One approach is to statically combine schemes for predicates into new schemes for logical formulas over the predicates, such as a scheme for AND (P1 AND P2). The other approach for more flexibility is to derive schemes which allow the signer to dynamically decide which predicate to use when signing a message, instead of supporting only a single, fixed predicate. We present two main results. One is to show that one can indeed devise solutions for the static combination for AND, and for dynamically adjustable solutions for choosing the predicate on the fly. Moreover, our constructions are practical and add only a negligible overhead. The other main result is an impossibility result for static combinations. Namely, we prove that, in contrast to the case of AND, many other formulas like the logical OR (P1 OR P2) and the NOT (NOT P) do not admit generic combinations through so-called canonical constructions. This implies that one cannot rely on general constructions in these cases, but must use other methods instead, like finding new predicate-specific solutions from scratch

A study of content authentication in proxy-enabled multimedia delivery systems: Model, techniques, and applications

Singapore Management Universit

Information resources management, 1984-1989: A bibliography with indexes

This bibliography contains 768 annotated references to reports and journal articles entered into the NASA scientific and technical information database 1984 to 1989

Mashup Ecosystems: Integrating Web Resources on Desktop and Mobile Devices

The Web is increasingly used as an application platform, and recent development of it has introduced software ecosystems where different actors collaborate. This collaboration is international from day one, and it evolves and grows rapidly. In web ecosystems applications are provided as services, and interdependencies between ecosystem parts can vary from very strong and obvious to loose and recondite. Mashups -- web application hybrids that combine resources from different services into an integrated system that has increased value from user perspective -- are exploiting services of the Web and creating ecosystems where end-users, mashup authors, and service providers collaborate. The term "resources" is used here in a broad sense, and it can refer to user's local data, infinite content of the Web, and even executable code. This dissertation presents mashups as a new breed of web applications that are intended for parsing the web content into an easily accessed form on both regular desktop computers as well as on mobile devices. Constantly evolving web technologies and new web services open up unforeseen possibilities for mashup development. However, developing mashups with current methods and tools for existing deployment environments is challenging. First, the Web as an application platform faces numerous shortcomings, second, web application development practices in general are still immature, and third, development of mashups has additional requirements that need to be addressed. In addition, mobility sets even more challenges for mashup authoring. This dissertation describes and addresses numerous issues regarding mashup ecosystems and client-side mashup development. To achieve this, we have implemented technical research artifacts including mashup ecosystems and different kinds of mashup compositions. The artifacts are developed with numerous runtime environments and tools and targeted at different end-user platforms. This has allowed us to evaluate methods, tools, and practises used during the implementation. As result, this dissertation identifies the fundamental challenges of mashup ecosystems and describes how service providers and mashup ecosystem authors can address these challenges in practice. In addition, example implementation of a specialized multimedia mashup ecosystem for mobile devices is described. To address mashup development issues, this dissertation introduces practical guidelines and a reference architecture that can be applied when mashups are created with traditional web development tools. Moreover, environments that can be used on mobile devices to create mashups that have access to both web and local resources are introduced. Finally, a novel approach to web software development -- creating software as a mashup -- is introduced, and a realization of such concept is described