16,324 research outputs found
On alternative approach for verifiable secret sharing
Secret sharing allows split/distributed control over the secret (e.g. master
key). Verifiable secret sharing (VSS) is the secret sharing extended by
verification capacity.
Usually verification comes at the price. We propose "free lunch", the
approach that allows to overcome this inconvenience.Comment: This is poster that was presented on ESORICS2002 conference in
Zurich. It consists of 4 color pages, with proposal and flowchart
On Proactive Verifiable Secret Sharing Schemes
The paper has been presented at the International Conference Pioneers of Bulgarian
Mathematics, Dedicated to Nikola Obreshkoff and Lubomir Tschakaloff , Sofia, July, 2006.
The material in this paper was presented in part at the 11th Workshop on Selected Areas in Cryptography (SAC) 2004This paper investigates the security of Proactive Secret Sharing
Schemes. We first consider the approach of using commitment to 0 in the
renewal phase in order to refresh the player's shares and we present two types
of attacks in the information theoretic case. Then we prove the conditions
for the security of such a proactive scheme. Proactivity can be added also
using re-sharing instead of commitment to 0. We investigate this alternative
approach too and describe two protocols. We also show that both techniques
are not secure against a mobile adversary.
To summarize we generalize the existing threshold protocols to protocols
for general access structure. Besides this, we propose attacks against the
existing proactive verifiable secret sharing schemes, and give modifications
of the schemes that resist these attacks
Frictionless Authentication Systems: Emerging Trends, Research Challenges and Opportunities
Authentication and authorization are critical security layers to protect a
wide range of online systems, services and content. However, the increased
prevalence of wearable and mobile devices, the expectations of a frictionless
experience and the diverse user environments will challenge the way users are
authenticated. Consumers demand secure and privacy-aware access from any
device, whenever and wherever they are, without any obstacles. This paper
reviews emerging trends and challenges with frictionless authentication systems
and identifies opportunities for further research related to the enrollment of
users, the usability of authentication schemes, as well as security and privacy
trade-offs of mobile and wearable continuous authentication systems.Comment: published at the 11th International Conference on Emerging Security
Information, Systems and Technologies (SECURWARE 2017
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
Distributed Random Process for a Large-Scale Peer-to-Peer Lottery
Most online lotteries today fail to ensure the verifiability of the random
process and rely on a trusted third party. This issue has received little
attention since the emergence of distributed protocols like Bitcoin that
demonstrated the potential of protocols with no trusted third party. We argue
that the security requirements of online lotteries are similar to those of
online voting, and propose a novel distributed online lottery protocol that
applies techniques developed for voting applications to an existing lottery
protocol. As a result, the protocol is scalable, provides efficient
verification of the random process and does not rely on a trusted third party
nor on assumptions of bounded computational resources. An early prototype
confirms the feasibility of our approach
Seeking Anonymity in an Internet Panopticon
Obtaining and maintaining anonymity on the Internet is challenging. The state
of the art in deployed tools, such as Tor, uses onion routing (OR) to relay
encrypted connections on a detour passing through randomly chosen relays
scattered around the Internet. Unfortunately, OR is known to be vulnerable at
least in principle to several classes of attacks for which no solution is known
or believed to be forthcoming soon. Current approaches to anonymity also appear
unable to offer accurate, principled measurement of the level or quality of
anonymity a user might obtain.
Toward this end, we offer a high-level view of the Dissent project, the first
systematic effort to build a practical anonymity system based purely on
foundations that offer measurable and formally provable anonymity properties.
Dissent builds on two key pre-existing primitives - verifiable shuffles and
dining cryptographers - but for the first time shows how to scale such
techniques to offer measurable anonymity guarantees to thousands of
participants. Further, Dissent represents the first anonymity system designed
from the ground up to incorporate some systematic countermeasure for each of
the major classes of known vulnerabilities in existing approaches, including
global traffic analysis, active attacks, and intersection attacks. Finally,
because no anonymity protocol alone can address risks such as software exploits
or accidental self-identification, we introduce WiNon, an experimental
operating system architecture to harden the uses of anonymity tools such as Tor
and Dissent against such attacks.Comment: 8 pages, 10 figure
- âŠ