16,860 research outputs found
Secure Mobile Social Networks using USIM in a Closed Environment
Online social networking and corresponding mobile based applications are gaining popularity and now considered
a well-integrated service within mobile devices. Basic security mechanisms normally based on passwords for the authentication of social-network users are widely deployed and poses a threat for the user security. In particular, for dedicated social groups with high confidentiality and privacy demands, stronger and user friendly principles for the authentication and identification of group members are needed. On the other hand, most of the mobile units already provide strong authentication procedures through the USIM/ISIM module. This paper explores how to build an architectural framework for secure enrollment and identification of group members in dedicated closed social groups using the USIM/SIM authentication and in particular, the 3GPP Generic Authentication Architecture (GAA), which is built upon the USIM/SIM capabilities. One part of the research is to identify the marketable use-cases with corresponding security challenges to fulfill the requirements that extend beyond the online connectivity. This paper proposes a secure identification design to satisfy the security dimensions for both online and offline peers. We have also implemented an initial proof of the concept prototype to simulate the secure identification procedure based on the proposed design. Our implementation has demonstrated the flexibility of the solution to be applied independently for applications requiring secure identification
Secure Identification in Social Wireless Networks
The applications based on social networking have brought revolution towards social life and are continuously gaining popularity among the Internet users. Due to the advanced computational resources offered by the innovative hardware and nominal subscriber charges of network operators, most of the online social networks are transforming into the mobile domain by offering exciting applications and games exclusively designed for users on the go. Moreover, the mobile devices are considered more personal as compared to their desktop rivals, so there is a tendency among the mobile users to store sensitive data like contacts, passwords, bank account details, updated calendar entries with key dates and personal notes on their devices.
The Project Social Wireless Network Secure Identification (SWIN) is carried out at Swedish Institute of Computer Science (SICS) to explore the practicality of providing the secure mobile social networking portal with advanced security features to tackle potential security threats by extending the existing methods with more innovative security technologies. In addition to the extensive background study and the determination of marketable use-cases with their corresponding security requirements, this thesis proposes a secure identification design to satisfy the security dimensions for both online and offline peers. We have implemented an initial prototype using PHP Socket and OpenSSL library to simulate the secure identification procedure based on the proposed design. The design is in compliance with 3GPP‟s Generic Authentication Architecture (GAA) and our implementation has demonstrated the flexibility of the solution to be applied independently for the applications requiring secure identification. Finally, the thesis provides strong foundation for the advanced implementation on mobile platform in future
Digital certificates and threshold cryptography
This dissertation discusses the use of secret sharing cryptographic protocols for distributing and sharing of secret documents, in our case PDF documents.
We discuss the advantages and uses of such a system in the context of collaborative environments.
Description of the cryptographic protocol involved and the necessary Public Key Infrastructure (PKI) shall be presented. We also provide an implementation of this framework as a “proof of concept” and fundament the use of a certificate extension as the basis for threshold cryptography.
Details of the shared secret distribution protocol and shared secret recovery protocol shall be given as well as the associated technical implementation details.
The actual secret sharing algorithm implemented at this stage is based on an existing well known secret sharing scheme that uses polynomial interpolation over a finite field.
Finally we conclude with a practical assessment of our prototype
ARPA Whitepaper
We propose a secure computation solution for blockchain networks. The
correctness of computation is verifiable even under malicious majority
condition using information-theoretic Message Authentication Code (MAC), and
the privacy is preserved using Secret-Sharing. With state-of-the-art multiparty
computation protocol and a layer2 solution, our privacy-preserving computation
guarantees data security on blockchain, cryptographically, while reducing the
heavy-lifting computation job to a few nodes. This breakthrough has several
implications on the future of decentralized networks. First, secure computation
can be used to support Private Smart Contracts, where consensus is reached
without exposing the information in the public contract. Second, it enables
data to be shared and used in trustless network, without disclosing the raw
data during data-at-use, where data ownership and data usage is safely
separated. Last but not least, computation and verification processes are
separated, which can be perceived as computational sharding, this effectively
makes the transaction processing speed linear to the number of participating
nodes. Our objective is to deploy our secure computation network as an layer2
solution to any blockchain system. Smart Contracts\cite{smartcontract} will be
used as bridge to link the blockchain and computation networks. Additionally,
they will be used as verifier to ensure that outsourced computation is
completed correctly. In order to achieve this, we first develop a general MPC
network with advanced features, such as: 1) Secure Computation, 2) Off-chain
Computation, 3) Verifiable Computation, and 4)Support dApps' needs like
privacy-preserving data exchange
Society-oriented cryptographic techniques for information protection
Groups play an important role in our modern world. They are more reliable and more trustworthy than individuals. This is the reason why, in an organisation, crucial decisions are left to a group of people rather than to an individual. Cryptography supports group activity by offering a wide range of cryptographic operations which can only be successfully executed if a well-defined group of people agrees to co-operate. This thesis looks at two fundamental cryptographic tools that are useful for the management of secret information. The first part looks in detail at secret sharing schemes. The second part focuses on society-oriented cryptographic systems, which are the application of secret sharing schemes in cryptography. The outline of thesis is as follows
Electronic voting system for RIT Student Government elections
Recent studies argue that traditional voting systems do not encourage increased voter participation due to constraints in time, location, accuracy, and, accessibility. To ensure the rights of a democratic society and to enhance and secure the voting rights of citizens by surpassing all the limitations of the traditional voting system, the development of an electronic voting system is an attractive solution. Research on secure electronic voting systems has been conducted for at least the past two decades. We propose to develop an electronic voting system, called the Rochester Institute of Technology Student Government Election System (SGEES) based on Damgard et al. This voting scheme will use efficient honest-verifier zero-knowledge, which, unlike previous election schemes, are both easy to compute and to verify for both voters and authorities. Our proposed electronic voting system will allow convenient and confident voting while maintaining the accuracy of election results. This project will address the security requirements for electronic voting over the Internet, including privacy, completeness, soundness, receipt-freeness, and universal verifiability. In particular, we will research the feasibility of the voting scheme and protocols by studying three related cryptographical theories: homomorphic encryption, efficient honest-verifier zero-knowledge proofs, and threshold decryption cryptosystem
Pay as You Go: A Generic Crypto Tolling Architecture
The imminent pervasive adoption of vehicular communication, based on
dedicated short-range technology (ETSI ITS G5 or IEEE WAVE), 5G, or both, will
foster a richer service ecosystem for vehicular applications. The appearance of
new cryptography based solutions envisaging digital identity and currency
exchange are set to stem new approaches for existing and future challenges.
This paper presents a novel tolling architecture that harnesses the
availability of 5G C-V2X connectivity for open road tolling using smartphones,
IOTA as the digital currency and Hyperledger Indy for identity validation. An
experimental feasibility analysis is used to validate the proposed architecture
for secure, private and convenient electronic toll payment
- …