Analytical Study of Modified RSA Algorithms for Digital Signature

Digital signature has been providing security services to secure electronic transaction. Rivest Shamir Adleman (RSA) algorithm was most widely used to provide security technique for many applications, such as e-mails, electronic funds transfer, electronic data interchange, software distribution, data storage, electronic commerce and secure internet access. In order to include RSA cryptosystem proficiently in many protocols, it is desired to formulate faster encryption and decryption operations. This paper describes a systematic analysis of RSA and its variation schemes for Digital Signature. DOI: 10.17762/ijritcc2321-8169.15031

Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices

Networks are evolving toward a ubiquitous model in which heterogeneous devices are interconnected. Cryptographic algorithms are required for developing security solutions that protect network activity. However, the computational and energy limitations of network devices jeopardize the actual implementation of such mechanisms. In this paper, we perform a wide analysis on the expenses of launching symmetric and asymmetric cryptographic algorithms, hash chain functions, elliptic curves cryptography and pairing based cryptography on personal agendas, and compare them with the costs of basic operating system functions. Results show that although cryptographic power costs are high and such operations shall be restricted in time, they are not the main limiting factor of the autonomy of a device

Variance-Reduced Stochastic Learning by Networked Agents under Random Reshuffling

A new amortized variance-reduced gradient (AVRG) algorithm was developed in \cite{ying2017convergence}, which has constant storage requirement in comparison to SAGA and balanced gradient computations in comparison to SVRG. One key advantage of the AVRG strategy is its amenability to decentralized implementations. In this work, we show how AVRG can be extended to the network case where multiple learning agents are assumed to be connected by a graph topology. In this scenario, each agent observes data that is spatially distributed and all agents are only allowed to communicate with direct neighbors. Moreover, the amount of data observed by the individual agents may differ drastically. For such situations, the balanced gradient computation property of AVRG becomes a real advantage in reducing idle time caused by unbalanced local data storage requirements, which is characteristic of other reduced-variance gradient algorithms. The resulting diffusion-AVRG algorithm is shown to have linear convergence to the exact solution, and is much more memory efficient than other alternative algorithms. In addition, we propose a mini-batch strategy to balance the communication and computation efficiency for diffusion-AVRG. When a proper batch size is employed, it is observed in simulations that diffusion-AVRG is more computationally efficient than exact diffusion or EXTRA while maintaining almost the same communication efficiency.Comment: 23 pages, 12 figures, submitted for publicatio

Batch Verification of Short Signatures

With computer networks spreading into a variety of new environments, the need to authenticate and secure communication grows. Many of these new environments have particular requirements on the applicable cryptographic primitives. For instance, several applications require that communication overhead be small and that many messages be processed at the same time. In this paper we consider the suitability of public key signatures in the latter scenario. That is, we consider signatures that are 1) short and 2) where many signatures from (possibly) different signers on (possibly) different messages can be verified quickly. Prior work focused almost exclusively on batching signatures from the same signer. We propose the first batch verifier for messages from many (certified) signers without random oracles and with a verification time where the dominant operation is independent of the number of signatures to verify. We further propose a new signature scheme with very short signatures, for which batch verification for many signers is also highly efficient. Combining our new signatures with the best known techniques for batching certificates from the same authority, we get a fast batch verifier for certificates and messages combined. Although our new signature scheme has some restrictions, it is very efficient and still practical for some communication applications

Privacy-Preserving Protocols for Vehicular Transport Systems

La present tesi es centra en la privadesa dels ciutadans com a usuaris de mitjans de transport vehiculars dins del marc d'una e-society. En concret, les contribucions de la tesi es focalitzen en les subcategories d'estacionament de vehicles privats en zones públiques regulades i en la realització de transbordaments entre línies intercomunicades en l'àmbit del transport públic. Una anàlisi acurada de les dades recopilades pels proveedors d'aquests serveis, sobre un determinat usuari, pot proporcionar informació personal sensible com per exemple: horari laboral, professió, hobbies, problemes de salut, tendències polítiques, inclinacions sexuals, etc. Tot i que existeixin lleis, com l'europea GDPR, que obliguin a utilitzar les dades recollides de forma correcta per part dels proveedors de serveis, ja sigui a causa d'un atac informàtic o per una filtració interna, aquestes dades poden ser utilitzades per finalitats il·legals. Per tant, el disseny protocols que garanteixin la privadesa dels ciutadans que formen part d'una e-society esdevé una tasca de gran importància.La presente tesis se centra en la privacidad de los ciudadanos en el transporte vehicular dentro del marco de una e-society. En concreto, las contribuciones de la tesis se centran en las subcategorías de estacionamiento de vehículos privados en zonas públicas reguladas y en la realización de transbordos entre líneas interconectadas en el ámbito del transporte público. Una análisi acurada de los datos recopilados por los proveedores de los servicios, sobre un determinado usuario, puede proporcionar información personal sensible como por ejemplo: horario laboral, profesión, hobbies, problemas de salud, tendencias políticas, inclinaciones sexuales, etc. A pesar que hay leyes, como la europea GDPR, que obligan a usar de forma correcta los datos recopilados por parte de los proveedores de servicios, ya sea por un ataque informático o por una filtración interna, estos datos pueden utilizarse para fines ilegales. Por lo tanto, es vital diseñar protocolos que garanticen la privacidad de los ciudadanos que forman parte de una e-society.This thesis is focused on the privacy of citizens while using vehicular transport systems within an e-society frame. Specifically, the thesis contributes to two subcategories. The first one refers to pay-by-phone systems for parking vehicles in regulated public areas. The second one is about the use of e-tickets in public transport systems allowing transfers between connecting lines. A careful analysis of data collected by service providers can provide sensitive personal information such as: work schedule, profession, hobbies, health problems, political tendencies, sexual inclinations, etc. Although the law, like the European GDPR, requires the correct use of the data collected by service providers, data can be used for illegal purposes after being stolen as a result of a cyber-attack or after being leaked by an internal dishonest employee. Therefore, the design of privacy-preserving solutions for mobility-based services is mandatory in the e-society

Use of Sparse and/or Complex Exponents in Batch Verification of Exponentiations

Modular exponentiation in an abelian group is one of the most frequently used mathematical primitives in modern cryptography. {\em Batch verification} is to verify many exponentiations simultaneously. We propose two fast batch verification algorithms. The first one makes use of exponents with small weight, called {\em sparse exponents}, which is asymptotically 10 times faster than the individual verification and twice faster than the previous works without security loss. The second one is applied only to elliptic curves defined over small finite fields. Using sparse Frobenius expansion with small integer coefficients, we propose a complex exponent test which is four times faster than the previous works. For example, each exponentiation in one batch requires asymptotically 9 elliptic curve additions in some elliptic curves for $2^{80}$ security

DeepGD: A Multi-Objective Black-Box Test Selection Approach for Deep Neural Networks

Deep neural networks (DNNs) are widely used in various application domains such as image processing, speech recognition, and natural language processing. However, testing DNN models may be challenging due to the complexity and size of their input domain. Particularly, testing DNN models often requires generating or exploring large unlabeled datasets. In practice, DNN test oracles, which identify the correct outputs for inputs, often require expensive manual effort to label test data, possibly involving multiple experts to ensure labeling correctness. In this paper, we propose DeepGD, a black-box multi-objective test selection approach for DNN models. It reduces the cost of labeling by prioritizing the selection of test inputs with high fault revealing power from large unlabeled datasets. DeepGD not only selects test inputs with high uncertainty scores to trigger as many mispredicted inputs as possible but also maximizes the probability of revealing distinct faults in the DNN model by selecting diverse mispredicted inputs. The experimental results conducted on four widely used datasets and five DNN models show that in terms of fault-revealing ability: (1) White-box, coverage-based approaches fare poorly, (2) DeepGD outperforms existing black-box test selection approaches in terms of fault detection, and (3) DeepGD also leads to better guidance for DNN model retraining when using selected inputs to augment the training set

Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

Disertační práce se zabývá kryptografickými protokoly poskytující ochranu soukromí, které jsou určeny pro zabezpečení komunikačních a informačních systémů tvořících heterogenní sítě. Práce se zaměřuje především na možnosti využití nekonvenčních kryptografických prostředků, které poskytují rozšířené bezpečnostní požadavky, jako je například ochrana soukromí uživatelů komunikačního systému. V práci je stanovena výpočetní náročnost kryptografických a matematických primitiv na různých zařízeních, které se podílí na zabezpečení heterogenní sítě. Hlavní cíle práce se zaměřují na návrh pokročilých kryptografických protokolů poskytujících ochranu soukromí. V práci jsou navrženy celkově tři protokoly, které využívají skupinových podpisů založených na bilineárním párování pro zajištění ochrany soukromí uživatelů. Tyto navržené protokoly zajišťují ochranu soukromí a nepopiratelnost po celou dobu datové komunikace spolu s autentizací a integritou přenášených zpráv. Pro navýšení výkonnosti navržených protokolů je využito optimalizačních technik, např. dávkového ověřování, tak aby protokoly byly praktické i pro heterogenní sítě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.