Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Social Computing: An Overview

A collection of technologies termed social computing is driving a dramatic evolution of the Web, matching the dot-com era in growth, excitement, and investment. All of these share high degree of community formation, user level content creation, and computing, and a variety of other characteristics. We provide an overview of social computing and identify salient characteristics. We argue that social computing holds tremendous disruptive potential in the business world and can significantly impact society, and outline possible changes in organized human action that could be brought about. Social computing can also have deleterious effects associated with it, including security issues. We suggest that social computing should be a priority for researchers and business leaders and illustrate the fundamental shifts in communication, computing, collaboration, and commerce brought about by this trend

Securing the Internet of Things Communication Using Named Data Networking Approaches

The rapid advancement in sensors and their use in devices has led to the drastic increase of Internet-of-Things (IoT) device applications and usage. A fundamental requirement of an IoT-enabled ecosystem is the device’s ability to communicate with other devices, humans etc. IoT devices are usually highly resource constrained and come with varying capabilities and features. Hence, a host-based communication approach defined by the TCP/IP architecture relying on securing the communication channel between the hosts displays drawbacks especially when working in a highly chaotic environment (common with IoT applications). The discrepancies between requirements of the application and the network supporting the communication demands for a fundamental change in securing the communication in IoT applications. This research along with identifying the fundamental security problems in IoT device lifecycle in the context of secure communication also explores the use of a data-centric approach advocated by a modern architecture called Named Data Networking (NDN). The use of NDN modifies the basis of communication and security by defining data-centric security where the data chunks are secured directly and retrieved using specialized requests in a pull-based approach. This work also identifies the advantages of using semantically-rich names as the basis for IoT communication in the current client-driven environment and reinforces it with best-practices from the existing host-based approaches for such networks. We present in this thesis a number of solutions built to automate and securely onboard IoT devices; encryption, decryption and access control solutions based on semantically rich names and attribute-based schemes. We also provide the design details of solutions to sup- port trustworthy and conditionally private communication among highly resource constrained devices through specialized signing techniques and automated certificate generation and distribution with minimal use of the network resources. We also explore the design solutions for rapid trust establishment and vertically securing communication in applications including smart-grid operations and vehicular communication along with automated and lightweight certificate generation and management techniques. Through all these design details and exploration, we identify the applicability of the data-centric security techniques presented by NDN in securing IoT communication and address the shortcoming of the existing approaches in this area

Still Wrong Use of Pairings in Cryptography

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too ine cient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/e ciency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings

An efficient pending interest table control management in named data network

Named Data Networking (NDN) is an emerging Internet architecture that employs a new network communication model based on the identity of Internet content. Its core component, the Pending Interest Table (PIT) serves a significant role of recording Interest packet information which is ready to be sent but in waiting for matching Data packet. In managing PIT, the issue of flow PIT sizing has been very challenging due to massive use of long Interest lifetime particularly when there is no flexible replacement policy, hence affecting PIT performance. The aim of this study is to propose an efficient PIT Control Management (PITCM) approach to be used in handling incoming Interest packets in order to mitigate PIT overflow thus enhancing PIT utilization and performance. PITCM consists of Adaptive Virtual PIT (AVPIT) mechanism, Smart Threshold Interest Lifetime (STIL) mechanism and Highest Lifetime Least Request (HLLR) policy. The AVPIT is responsible for obtaining early PIT overflow prediction and reaction. STIL is meant for adjusting lifetime value for incoming Interest packet while HLLR is utilized for managing PIT entries in efficient manner. A specific research methodology is followed to ensure that the work is rigorous in achieving the aim of the study. The network simulation tool is used to design and evaluate PITCM. The results of study show that PITCM outperforms the performance of standard NDN PIT with 45% higher Interest satisfaction rate, 78% less Interest retransmission rate and 65% less Interest drop rate. In addition, Interest satisfaction delay and PIT length is reduced significantly to 33% and 46%, respectively. The contribution of this study is important for Interest packet management in NDN routing and forwarding systems. The AVPIT and STIL mechanisms as well as the HLLR policy can be used in monitoring, controlling and managing the PIT contents for Internet architecture of the future

We the undersigned: anonymous dissent and the struggle for personal identity in online petitions

Anonymous signatures pose a significant threat to the legitimacy of the online petition as a persuasive form of political communication. While anonymous signatures address some privacy concerns for online petitioners, they often fail to identify petitioners as numerically distinct and socially relevant persons, Since anonymous signatures often fail to personally identify online petitioners, they often fail to provide sufficient reason for targeted political authorities to review and respond to their grievances. To recover the personal rhetoric of the online petition in a way that strikes a balance between the publicity and privacy concerns of petitioners, we should reformat online petitions as pseudonymous social networks of personal testimony between petitioners and targeted political authorities. To this end, the pseudonymous signatures of online petitions should incorporate social frames, co-authored complaints and demands, multimedia voice, and revisable support.M.S.Committee Chair: DiSalvo, Carl; Committee Member: Bogost, Ian; Committee Member: Klein, Hans; Committee Member: Murray, Janet; Committee Member: Pearce, Celi

Social Role Transitions and Technology: Societal Change and Coping in Online Communities

Technological and societal changes unfold in relation to one another. Many events like becoming a parent, getting divorced, or getting a medical diagnosis dictate a change in one’s social role. Social role transition can have negative consequences including stress, stigmatization, and disempowerment. Social interactions, especially communicating with allies and those facing similar conditions, can alleviate the psychological burden of these challenges. The goal of this dissertation is to understand how people use technology to cope with social role change, and how the features of different online communities provide a range of ways to make sense of their social role transition, find support, and advocate for change. In the first study (Chapter 3), I qualitatively analyze interviews with fathers and a sam- ple of father blogs to show how fathers use do-it-yourself (DIY) language on blogs and in their online interactions as a means of redefining fatherhood. Fathers use the DIY concept to build their own father-centric online communities in order to manage some of the disad- vantages associated with the lack of parenting online communities that cater to them. This new framing of fatherhood allows fathers to make sense of their new role as parents, and at the same time, to redefine the social norms around fatherhood. In Chapter 4, I study how parents use social media sites at scale using natural language processing. The focus of the analysis is on Reddit, a social media site that allows users to comment under pseudonyms. I find that parents use pseudonymous social media sites to discuss topics that might otherwise be considered too sensitive to discuss on real-name social media sites such as Facebook (e.g., breastfeeding and sleep training). This study also outlines similarities and differences in discussion topics among mothers and father on Reddit (e.g., mothers discussing breastfeeding and fathers discussing divorce and custody). Finally, in Chapter 5, I use computational and qualitative methods to study how anony- mous accounts on Reddit (throwaway accounts) provide parents with varying levels of anonymity as they cope with social role changes by sharing potentially stigmatizing infor- mation (e.g., postpartum depression) or advocating for stigmatized identities (e.g., divorced fathers). Finally, based on my findings, I present design recommendations that could pro- mote better social support on platforms beyond Reddit.PHDInformationUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/162933/1/tawfiqam_1.pd

Data trust framework using blockchain and smart contracts

Lack of trust is the main barrier preventing more widespread data sharing. The lack of transparent and reliable infrastructure for data sharing prevents many data owners from sharing their data. Data trust is a paradigm that facilitates data sharing by forcing data controllers to be transparent about the process of sharing and reusing data. Blockchain technology has the potential to present the essential properties for creating a practical and secure data trust framework by transforming current auditing practices and automatic enforcement of smart contracts logic without relying on intermediaries to establish trust. Blockchain holds an enormous potential to remove the barriers of traditional centralized applications and propose a distributed and transparent administration by employing the involved parties to maintain consensus on the ledger. Furthermore, smart contracts are a programmable component that provides blockchain with more flexible and powerful capabilities. Recent advances in blockchain platforms toward smart contracts' development have revealed the possibility of implementing blockchain-based applications in various domains, such as health care, supply chain and digital identity. This dissertation investigates the blockchain's potential to present a framework for data trust. It starts with a comprehensive study of smart contracts as the main component of blockchain for developing decentralized data trust. Interrelated, three decentralized applications that address data sharing and access control problems in various fields, including healthcare data sharing, business process, and physical access control system, have been developed and examined. In addition, a general-purpose application based on an attribute-based access control model is proposed that can provide trusted auditability required for data sharing and access control systems and, ultimately, a data trust framework. Besides auditing, the system presents a transparency level that both access requesters (data users) and resource owners (data controllers) can benefit from. The proposed solutions have been validated through a use case of independent digital libraries. It also provides a detailed performance analysis of the system implementation. The performance results have been compared based on different consensus mechanisms and databases, indicating the system's high throughput and low latency. Finally, this dissertation presents an end-to-end data trust framework based on blockchain technology. The proposed framework promotes data trustworthiness by assessing input datasets, effectively managing access control, and presenting data provenance and activity monitoring. A trust assessment model that examines the trustworthiness of input data sets and calculates the trust value is presented. The number of transaction validators is defined adaptively with the trust value. This research provides solutions for both data owners and data users’ by ensuring the trustworthiness and quality of the data at origin and transparent and secure usage of the data at the end. A comprehensive experimental study indicates the presented system effectively handles a large number of transactions with low latency