99,429 research outputs found
How to Store some Secrets
This paper introduces a special type of symmetric cryptosystem called multi-encryption scheme. It allows users to encrypt multiple plaintexts into a single ciphertext. Each plaintext is protected with its own secret key, meaning that they can be decrypted individually by applying the decryption function with the corresponding key to the ciphertext. Compared to encrypting the ciphertexts one-by-one using a standard symmetric cryptosystem, the main advantage of using a multi-encryption scheme is the no-search property, which guarantees that knowing the key is sufficient for decrypting a single plaintext. We show how to construct a multi-encryption scheme based on polynomials over finite fields. A possible application area is coercion-resistant electronic voting. To ensure a strong form of privacy, voters are equipped with multiple fake credentials, which are indistinguishable from the proper one. While theoretically sound, this requires a voter to perfectly recall multiple lengthy random numbers, and to know which of them is the proper one. To ensure 100\% recall, users need to manage these numbers and keep them secret. A multi-encryption scheme is an elegant solution for this problem
Enhancing Data Security by Making Data Disappear in a P2P Systems
This paper describes the problem of securing data by making it disappear
after some time limit, making it impossible for it to be recovered by an
unauthorized party. This method is in response to the need to keep the data
secured and to protect the privacy of archived data on the servers, Cloud and
Peer-to-Peer architectures. Due to the distributed nature of these
architectures, it is impossible to destroy the data completely. So, we store
the data by applying encryption and then manage the key, which is easier to do
as the key is small and it can be hidden in the DHT (Distributed hash table).
Even if the keys in the DHT and the encrypted data were compromised, the data
would still be secure. This paper describes existing solutions, points to their
limitations and suggests improvements with a new secure architecture. We
evaluated and executed this architecture on the Java platform and proved that
it is more secure than other architectures.Comment: 18 page
ZETA - Zero-Trust Authentication: Relying on Innate Human Ability, not Technology
Reliable authentication requires the devices and
channels involved in the process to be trustworthy; otherwise
authentication secrets can easily be compromised. Given the
unceasing efforts of attackers worldwide such trustworthiness
is increasingly not a given. A variety of technical solutions,
such as utilising multiple devices/channels and verification
protocols, has the potential to mitigate the threat of untrusted
communications to a certain extent. Yet such technical solutions
make two assumptions: (1) users have access to multiple
devices and (2) attackers will not resort to hacking the human,
using social engineering techniques. In this paper, we propose
and explore the potential of using human-based computation
instead of solely technical solutions to mitigate the threat of
untrusted devices and channels. ZeTA (Zero Trust Authentication
on untrusted channels) has the potential to allow people to
authenticate despite compromised channels or communications
and easily observed usage. Our contributions are threefold:
(1) We propose the ZeTA protocol with a formal definition
and security analysis that utilises semantics and human-based
computation to ameliorate the problem of untrusted devices
and channels. (2) We outline a security analysis to assess
the envisaged performance of the proposed authentication
protocol. (3) We report on a usability study that explores the
viability of relying on human computation in this context
- …