6 research outputs found

    Identity Based Threshold Ring Signature

    In threshold ring signature schemes, any group of $t$ entities spontaneously conscripting arbitrarily $n-t$ entities to generate a publicly verifiable $t$-out-of-$n$ signature on behalf of the whole group, yet the actual signers remain anonymous. The spontaneity of these schemes is desirable for ad-hoc groups such as mobile ad-hoc networks. In this paper, we present an identity based (ID-based) threshold ring signature scheme. The scheme is provably secure in the random oracle model and provides trusted authority compatibility. To the best of authors' knowledge, our scheme is the first ID-based threshold ring signature scheme which is also the most efficient (in terms of number of pairing operations required) ID-based ring signature scheme (when $t = 1$) and threshold ring signature scheme from pairings

    A Smart Watermark Applied to Electronic Money (Una marca de agua inteligente aplicada al dinero electrónico)

    The use of watermarks has increased, mainly because of the need to protect copyright, stop illegal copies, or measure the data integrity of certain files. It is well known that executable code can be embedded in images, but so far this has only been studied as a security threat to the user. We propose using this feature in a safe way to expand the current applications of watermarks, giving them flexibility through executable code. We present the smart watermark model to solve function incompatibility problems and demonstrate how this model can be applied to an electronic money scenario. In this scenario, the beneficiary can handle different electronic money implementations through a standard application. As part of this scenario, we also propose an electronic money vending machine to offer a payment option to users who do not have a bank account

    Using BDH for the Message Authentication in VANET

    The transport message security provided by vehicles in VANETs is quite important; vehicle message should be real-time and it will be not complicated to validate message calculation. The method proposed in the essay is mainly to validate the identity by means of Bilinear Diffie-Hellman method, and make vehicles validate the authenticity of RSU and TA’s identity and the effectiveness of key. RSU and TA only need to validate vehicle identity, without helping vehicles produce any key. When vehicle identity validation is completed, vehicles will produce public value and transmit it to other RSU and vehicles, while other vehicles could validate the identity through the message from the sender and public value from RSU. The advantages of the method proposed in this essay are listed as follows. (1) Vehicles, RSU, and TA can validate mutual identities and the effectiveness of keys. (2) Vehicles can produce public value functions automatically, thus reducing key control risks. (3) Vehicles do not need to show certificates to validate their identities, preventing the certificates from attacking because of long-term exposure. (4) Vehicles adopt a pseudonym ID challenge to validate their own identities during the process of handoff. (5) Vehicle messages can be validated using the Bilinear Diffie-Hellman (BDH) method without waiting for the RSU to validate messages, thus improving the instantaneity of messaging. The method proposed in the essay can satisfy source authentication, message integrity, nonrepudiation, privacy, and conditional untraceability requirements

    Blockchain-based Privacy-preserving Fair Data Trading Protocol

    Fair data trading online is a challenging task when there is mistrust between data providers and data collectors. The trust issue leads to an unsolvable situation where the data collector is unwilling to pay until she receives the data while the data provider will not send the data unless she receives the payment. The traditional solutions toward fair data trading rely on the trust-third party. After the emergence of the blockchain, many researchers use a smart contract on blockchain as a trust-less third party to address the mistrust deadlock. However, involving a smart contract in the protocol inevitably exposes some information to the public if the smart contract is on public blockchain cryptocurrency systems. We observe that the existing fair data trading protocols do not take privacy into account, which, for instance, is critical when trading the sensitive data or the players simply do not want to leak any information about the tradings on the public blockchain. In this paper, we construct a fair trading protocol based on a smart contract that provides better privacy to the participants. We introduce new security notions for privacy-preserving blockchain-based fair data trading protocol and prove our protocol is secure under our new notions. Furthermore, we give a prototype implementation on Ethereum smart contract

    Network-aware Active Wardens in IPv6

    Every day the world grows more and more dependent on digital communication. Technologies like e-mail or the World Wide Web that not so long ago were considered experimental, have first become accepted and then indispensable tools of everyday life. New communication technologies built on top of the existing ones continuously race to provide newer and better functionality. Even established communication media like books, radio, or television have become digital in an effort to avoid extinction. In this torrent of digital communication a constant struggle takes place. On one hand, people, organizations, companies and countries attempt to control the ongoing communications and subject them to their policies and laws. On the other hand, there oftentimes is a need to ensure and protect the anonymity and privacy of the very same communications. Neither side in this struggle is necessarily noble or malicious. We can easily imagine that in presence of oppressive censorship two parties might have a legitimate reason to communicate covertly. And at the same time, the use of digital communications for business, military, and also criminal purposes gives equally compelling reasons for monitoring them thoroughly. Covert channels are communication mechanisms that were never intended nor designed to carry information. As such, they are often able to act "below" the notice of mechanisms designed to enforce security policies. Therefore, using covert channels it might be possible to establish a covert communication that escapes notice of the enforcement mechanism in place. Any covert channel present in digital communications offers a possibility of achieving a secret, and therefore unmonitored, communication. There have been numerous studies investigating possibilities of hiding information in digital images, audio streams, videos, etc.
We turn our attention to the covert channels that exist in the digital networks themselves, that is in the digital communication protocols. Currently, one of the most ubiquitous protocols in deployment is the Internet Protocol version 4 (IPv4). Its universal presence and range make it an ideal candidate for covert channel investigation. However, IPv4 is approaching the end of its dominance as its address space nears exhaustion. This imminent exhaustion of IPv4 address space will soon force a mass migration towards Internet Protocol version 6 (IPv6) expressly designed as its successor. While the protocol itself is already over a decade old, its adoption is still in its infancy. The low acceptance of IPv6 results in an insufficient understanding of its security properties. We investigated the protocols forming the foundation of the next generation Internet, Internet Protocol version 6 (IPv6) and Internet Control Message Protocol (ICMPv6) and found numerous covert channels. In order to properly assess their capabilities and performance, we built cctool, a comprehensive covert channel tool. Finally, we considered countermeasures capable of defeating discovered covert channels. For this purpose we extended the previously existing notions of active wardens to equip them with the knowledge of the surrounding network and allow them to more effectively fulfill their role