15,084 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
The Quantum Frontier
The success of the abstract model of computation, in terms of bits, logical
operations, programming language constructs, and the like, makes it easy to
forget that computation is a physical process. Our cherished notions of
computation and information are grounded in classical mechanics, but the
physics underlying our world is quantum. In the early 80s researchers began to
ask how computation would change if we adopted a quantum mechanical, instead of
a classical mechanical, view of computation. Slowly, a new picture of
computation arose, one that gave rise to a variety of faster algorithms, novel
cryptographic mechanisms, and alternative methods of communication. Small
quantum information processing devices have been built, and efforts are
underway to build larger ones. Even apart from the existence of these devices,
the quantum view on information processing has provided significant insight
into the nature of computation and information, and a deeper understanding of
the physics of our universe and its connections with computation.
We start by describing aspects of quantum mechanics that are at the heart of
a quantum view of information processing. We give our own idiosyncratic view of
a number of these topics in the hopes of correcting common misconceptions and
highlighting aspects that are often overlooked. A number of the phenomena
described were initially viewed as oddities of quantum mechanics. It was
quantum information processing, first quantum cryptography and then, more
dramatically, quantum computing, that turned the tables and showed that these
oddities could be put to practical effect. It is these application we describe
next. We conclude with a section describing some of the many questions left for
future work, especially the mysteries surrounding where the power of quantum
information ultimately comes from.Comment: Invited book chapter for Computation for Humanity - Information
Technology to Advance Society to be published by CRC Press. Concepts
clarified and style made more uniform in version 2. Many thanks to the
referees for their suggestions for improvement
Public Evidence from Secret Ballots
Elections seem simple---aren't they just counting? But they have a unique,
challenging combination of security and privacy requirements. The stakes are
high; the context is adversarial; the electorate needs to be convinced that the
results are correct; and the secrecy of the ballot must be ensured. And they
have practical constraints: time is of the essence, and voting systems need to
be affordable and maintainable, and usable by voters, election officials, and
pollworkers. It is thus not surprising that voting is a rich research area
spanning theory, applied cryptography, practical systems analysis, usable
security, and statistics. Election integrity involves two key concepts:
convincing evidence that outcomes are correct and privacy, which amounts to
convincing assurance that there is no evidence about how any given person
voted. These are obviously in tension. We examine how current systems walk this
tightrope.Comment: To appear in E-Vote-Id '1
- …