
    Non-conventional digital signatures and their implementations – A review

    The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-19713-5_36
    The current technological scenario determines a proliferation of trust domains, which are usually defined by validating the digital identity linked to each user. This validation entails critical assumptions about the way users’ privacy is handled, and this calls for new methods to construct and treat digital identities. Considering cryptography, identity management has been constructed and managed through conventional digital signatures. Nowadays, new types of digital signatures are required, and this transition should be guided by rigorous evaluation of the theoretical basis, but also by the selection of properly verified software means. This latter point is the core of this paper. We analyse the main non-conventional digital signatures that could endorse an adequate tradeoff between security and privacy. This discussion is focused on practical software solutions that are already implemented and available online. The goal is to help security system designers to discern identity management functionalities through standard cryptographic software libraries. This work was supported by Comunidad de Madrid (Spain) under the project S2013/ICE-3095-CM (CIBERDINE) and the Spanish Government project TIN2010-19607.

    On the difficult tradeoff between security and privacy: Challenges for the management of digital identities

    The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-19713-5_39
    The deployment of security measures can on many occasions lead to an infringement of users’ privacy. Indeed, nowadays we have many examples of surveillance programs or personal data breaches in online service providers. In order to avoid the latter problem, we need to establish security measures that do not involve a violation of privacy rights. In this communication we discuss the main challenges when reconciling information security and users’ privacy. This work was supported by Comunidad de Madrid (Spain) under the project S2013/ICE-3095-CM (CIBERDINE).

    Design and implementation of secure protocols for practical authentication and fair anonymity systems

    Unpublished doctoral thesis defended at the Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Ingeniería Informática. Date of defense: May 2015.
    With the huge growth of information and communication systems, as well as the computing power, privacy has become a main concern for Internet users. Certainly, nowadays users tend to prefer privacy respectful systems and, consequently, companies providing software solutions also need to worry about it. Nevertheless, the privacy provided by current systems many times reduces to the need of placing too much trust into legal protections. Conversely, the contributions by the research community in this direction many times fail to produce realistic enough solutions, hardly flexible, scalable or deployable in current systems, and thus, impractical. In this thesis, we attempt to bridge this gap between the practical but barely robust systems in the “real world” and the robust but barely practical ones of the “academic counterpart”. Specifically, we base our proposals on currently deployed protocols and systems, but extend them for making them suitable to implement privacy, mainly through fair anonymity. Moreover, our approach for incorporating privacy-by-design grows from addressing less complex tasks towards tackling more complex issues based on the composition of the simple ones. This also allows us to establish a flexible framework from which solutions applicable for contexts other than those explored here may be derived. In turn, this helps to reduce the complexity of deploying new systems from scratch which, as stated, is our initial objective. In more detail, in order to ease the design and deployment of privacy respectful systems, we proceed as follows. We first propose a methodology for designing protocols and systems and verifying that they meet the required security properties. This methodology is used to create and verify the protocols and systems proposed afterwards.
On the other hand, since we make important use of group signatures for providing privacy through anonymity, and we aim to ease the costs of deploying new systems, we describe an extensible C library that we have implemented and released in an alpha stage, offering a unified API for group signatures. Subsequently, we make use of these global building blocks for creating technology that would most probably be necessary in every privacy respectful system. Specifically, given that the initial problem in any online platform requiring personalized interaction or some kind of authentication is to actually distribute digital identities, we propose SEBIA, a protocol based on EBIA (the typical email-based registration system) that ensures a reasonable level of security for many contexts. Specifically, it allows the distribution of anonymous identities like the ones that are used as a base to create privacy systems in subsequent chapters, and that are based on group signatures. Once having addressed the distribution problem, we extend the widely deployed X.509 PKI in order for it to be suitable for managing anonymous identities. Specifically, we propose extensions to the OCSP and CRL mechanisms, and create a new X.509-like protocol for communicating evidences of misbehavior (which, regrettably, is a problem sometimes derived from anonymity). With these contributions, we allow the creation of advanced privacy respectful systems based on anonymity. In fact, with the aim of showing it, we design two systems. First, a comprehensive online shopping system that allows anonymous purchases while being also compatible with typical e-commerce benefits, like customer-specific marketing techniques. Secondly, we define an extension to the Tor network which, also based on the same mechanisms for managing anonymity, would allow a shift from full anonymity to fair anonymity.
Moreover, for several of the proposals made in this thesis, we have implemented actual prototypes that have enabled us to perform initial profiling tasks. Despite being preliminary versions lacking optimization, the results indicate that our proposals incur acceptable costs.
With the great rise of information and communication systems, together with computing power, users have begun to worry about their privacy. As a result, they increasingly prefer systems that respect their personal information, which is leading software development companies to care about users' privacy as well. However, privacy guarantees in current systems usually come down to legal protection mechanisms, which users must trust. Conversely, the contributions made by the academic community usually consist of systems that are neither practical nor realistic and are hard to adapt to current infrastructures. In this thesis, we attempt to narrow this gap between the practical but barely robust systems of the “real world” and the robust but barely practical systems of the “academic world”. To do so, we build on protocols and systems currently used in industry, adapting them so that they respect privacy through advanced cryptographic primitives, providing fair anonymity. Specifically, we start by addressing simpler tasks and then build more complex systems. This allows us to create a flexible framework from which solutions applicable to contexts other than those shown here can be derived. At the same time, this helps reduce the complexity of deploying new systems from scratch, fulfilling our objective. In somewhat more detail, to ease the design and implementation of privacy-respecting systems, we proceed as follows.
First, we propose a methodology for designing protocols and systems, verifying that they meet the established security requirements. We use this methodology to create and verify the protocols and systems proposed later. On the other hand, since we make significant use of group signatures to provide privacy through anonymity, and our intention is to ease the creation of new systems, we present a library for group signatures, written in C. This library, still in alpha stage, is easily extensible, so that new schemes can be added if necessary while keeping a unified API. Next, we use these basic building blocks to create technological components that any privacy-respecting system will probably require. Specifically, given that on every online platform the first operation needed is to register on it, we propose SEBIA, a protocol based on EBIA (the typical email-based registration system) that provides a level of security sufficient for many scenarios. This protocol, specifically, allows the distribution of anonymous digital identities such as those used in the following chapters and based on group signatures. Indeed, once identities have been distributed, efficient mechanisms are needed to manage them. To that end, we extend the X.509 public key infrastructure to adapt it to the management of anonymous identities. Specifically, we extend the OCSP and CRL mechanisms, and create a new protocol that, following the same design principles as X.509, allows the distribution of evidence of illegitimate behavior (which, unfortunately, is a problem that often accompanies anonymity). With these contributions, we facilitate the creation of advanced privacy-respecting systems based on anonymity and at the same time compatible with current technologies.
To show this, we design an online shopping system that allows anonymous purchases and is also compatible with current marketing techniques. In addition, we propose an extension for the Tor network that, also based on the mechanisms presented, could allow that network to migrate to a fair anonymity system. Finally, for several of the proposals made in this thesis, prototypes have been implemented that have allowed us to carry out an initial analysis. Despite being preliminary unoptimized versions, the results indicate that our proposals introduce acceptable overhead.

    Joining up health and bioinformatics: e-science meets e-health

    CLEF (Co-operative Clinical e-Science Framework) is an MRC-sponsored project in the e-Science programme that aims to establish methodologies and a technical infrastructure for the next generation of integrated clinical and bioscience research. It is developing methods for managing and using pseudonymised repositories of the long-term patient histories which can be linked to genetic, genomic information or used to support patient care. CLEF concentrates on removing key barriers to managing such repositories: ethical issues, information capture, integration of disparate sources into coherent "chronicles" of events, user-oriented mechanisms for querying and displaying the information, and compiling the required knowledge resources. This paper describes the overall information flow and technical approach designed to meet these aims within a Grid framework.

    SecureSurgiNET: a framework for ensuring security in telesurgery

    The notion of surgical robotics is actively being extended to enable telesurgery, where both the surgeon and patient are remotely located and connected via a public network, which leads to many security risks. Being a safety-critical application, it is highly important to make telesurgery robust and secure against active and passive attacks. In this article, we propose the first complete framework, called SecureSurgiNET, for ensuring security in telesurgery environments. SecureSurgiNET is primarily based on a set of well-established protocols to provide a fool-proof telesurgical robotic system. For increasing the efficiency of secured telesurgery environments, the idea of a telesurgical authority is introduced that ensures the integrity, identity management, authentication policy implementation, and postoperative data security. An analysis is provided describing the security and throughput of Advanced Encryption Standard during the intraoperative phase of SecureSurgiNET. Moreover, we have tabulated the possible attacks on SecureSurgiNET along with the devised defensive measures. Finally, we also present a time complexity analysis of the SecureSurgiNET through simulations. © The Author(s) 2019