Fair exchange in e-commerce and certified e-mail, new scenarios and protocols

We are witnessing a steady growth in the use of Internet in the electronic commerce field. This rise is promoting the migration from traditional processes and applications (paper based) to an electronic model. But the security of electronic transactions continues to pose an impediment to its implementation. Traditionally, most business transactions were conducted in person. Signing a contract required the meeting of all interested parties, the postman delivered certified mail in hand, and when paying for goods or services both customer and provider were present. When all parties are physically present, a transaction does not require a complex protocol. The participants acknowledge the presence of the other parties as assurance that they will receive their parts, whether a signature on a contract, or a receipt, etc. But with e-commerce growing in importance as sales and business channel, all these transactions have moved to its digital counterpart. Therefore we have digital signature of contracts, certified delivery of messages and electronic payment systems. With electronic transactions, the physical presence is not required,moreover, most of the times it is even impossible. The participants in a transaction can be thousands of kilometers away from each other, and they may not even be human participants, they can be machines. Thus, the security that the transaction will be executed without incident is not assured per se, we need additional security measures. To address this problem, fair exchange protocols were developed. In a fair exchange every party involved has an item that wants to exchange, but none of the participants is willing to give his item away unless he has an assurance he will receive the corresponding item from the other participants. Fair exchange has many applications, like digital signature of contracts, where the items to be exchanged are signatures on contracts, certified delivery of messages, where we exchange a message for evidence of receipt, or a payment process, where we exchange a payment (e-cash, e-check, visa, etc.) for digital goods or a receipt. The objective of this dissertation is the study of the fair exchange problem. In particular, it presents two new scenarios for digital contracting, the Atomic Multi- Two Party (AM2P) and the Agent Mediated Scenario (AMS), and proposes one optimistic contract signing protocol for each one. Moreover, it studies the efficiency of Multi-Party Contract Signing (MPCS) protocols from their architecture point of view, presenting a new lower bound for each architecture, in terms of minimum number of transactions needed. Regarding Certified Electronic Mail (CEM), this dissertation presents two optimistic CEMprotocols designed to be deployed on thecurrent e-mail infrastructure, therefore they assume the participation of multiple Mail Transfer Agents (MTAs). In one case, the protocol assumes untrusted MTAs whereas in the other one it assumes each User Agent (UA) trusts his own MTA. Regarding payment systems, this dissertation presents a secure and efficient electronic bearer bank check scheme allowing the electronic checks to be transferred fairly and anonymously.L’ús d’Internet en l’àmbit del comerç electrònic està experimentant un creixement estable. Aquest increment d’ús està promovent lamigració de processos tradicionals i aplicacions (basades en paper) cap a un model electrònic. Però la seguretat de les transaccions electròniques continua impedint la seva implantació. Tradicionalment, la majoria de les transaccions s’han dut a terme en persona. La firma d’un contracte requeria la presència de tots els firmants, el carter entrega les cartes certificades enmà, i quan es paga per un bé o servei ambdós venedor i comprador hi són presents. Quan totes les parts hi són presents, les transaccions no requereixen un protocol complex. Els participants assumeixen la presència de les altres parts com assegurança que rebran el que esperen d’elles, ja sigui la firma d’un contracte, un rebut d’entrega o un pagament. Però amb el creixement del comerç electrònic com a canal de venda i negoci, totes aquestes transaccions s’hanmogut al seu equivalent en el món electrònic. Així doncs tenim firma electrònica de contractes, enviament certificat de missatges, sistemes de pagament electrònic, etc. En les transaccions electròniques la presència física no és necessària, de fet, la majoria de vegades és fins it tot impossible. Els participants poden estar separats permilers de kilòmetres, i no és necessari que siguin humans, podrien sermàquines. Llavors, la seguretat de que la transacció s’executarà correctament no està assegurada per se, necessitem proporcionar mesures de seguretat addicionals. Per solucionar aquest problema, es van desenvolupar els protocols d’intercanvi equitatiu. En un intercanvi equitatiu totes les parts involucrades tenen un objecte que volen intercanviar, però cap de les parts implicades vol donar el seu objecte si no té la seguretat que rebrà els objectes de les altres parts. L’intercanvi equitatiu té multitud d’aplicacions, com la firma electrònica de contractes, on els elements a intercanviar son firmes de contractes, enviament certificat demissatges, on s’intercanvien unmissatge per una evidència de recepció, o un procés de pagament, on intercanviemun pagament (e-cash, visa, e-xec, etc.) per bens digitals o per un rebut. L’objectiu d’aquesta tesi és estudiar el problema de l’intercanvi equitatiu. En particular, la tesi presenta dos nous escenaris per a la firma electrònica de contractes, l’escenari multi-two party atòmic i l’escenari amb agents intermediaris, i proposa un protocol optimista per a cada un d’ells. A més, presenta un estudi de l’eficiència dels protocols de firma electrònica multi-part (Multi-Party Contract Signing (MPCS) protocols) des del punt de vista de la seva arquitectura, presentant una nova fita per a cada una, en termes de mínim nombre de transaccions necessàries. Pel que fa al correu electrònic certificat, aquesta tesi presenta dos protocols optimistes dissenyats per a ser desplegats damunt l’infraestructura actual de correu electrònic, per tant assumeix la participació demúltiples agents de transferència de correu. Un dels protocols assumeix que cap dels agents de transferència de correu participants és de confiança,mentre que l’altre assumeix que cada usuari confia en el seu propi agent. Pel que fa a sistemes de pagament, la tesi presenta un esquema de xec bancari al portador, eficient i segur, que garanteix que la transferència dels xecs es fa demanera anònima i equitativa

A high-performance communication topology for decentralized protocols

Preserving transaction atomicity and ensuring its commitment is key to the maintenance of data integrity in a distributed database. The distributed consensus protocol is a prominent example of a mechanism used to accomplish safe commitment of a distributed transaction. These protocols are based primarily on repeated message exchange among all sites/nodes and their performance is characterized not only by the number of these messages but also by the underlying communication topology. This thesis proposes a measure of performance known as average message complexity and proposes a communication structure based on folded even graphs called the Folded Even Network (FEN). Performance of FEN is compared to other known structures and is shown to outperform them for various values of the number of nodes in the network. It is also shown that large topologies can be generated by connecting multiple FENs together. The expanded structure is also shown to have the same complexity as a single FEN

Spectrum-efficient Architecture for Cognitive Wireless Sensor Networks

Projecte realitzat en col.laboració amb el centre Université Libre de BruxellesHoy en día existe la creencia de que en unos pocos años las actuales Redes Inalámbricas de Sensores estarán presentes en muchas aplicaciones. Mientras estas sigan actuando en la banda sin licencia de ISM 2,4GHz, tendrán que coexistir con otras exitosas tecnologías como Wi-Fi o Bluetooth. En consecuencia, resulta obvio asegurar que la banda en cuestión estará superpoblada en un futuro próximo. Sin embargo y gracias a las nuevas técnicas de Radio Cognitiva, que permitirán la aplicación de un eficiente Acceso al Espectro Dinámico, se conseguirá una distribución racional, dentro del espectro disponible en ese momento y lugar, de las comunicaciones inalámbricas que se estén llevando a cabo. Esta actuación permitirá acceder a frecuencias menos pobladas para poder transmitir con menos interferencias e incluso con menos pérdidas de propagación. A lo largo de este trabajo se va a presentar una arquitectura eficiente, espectralmente hablando, para Redes Inalámbricas de Sensores y Cognitivas. Este esquema desarrolla un protocolo de recolección de datos, para una red con topología de árbol, totalmente escalable y con finalidades genéricas. A través de las pruebas realizadas, podemos afirmar que nuestro esquema, sin alterar el ciclo normal de recolección de datos, puede detectar la presencia de otras Redes Inalámbricas de Sensores y, consecuentemente, migrar la red a nueva frecuencia mientras que todas estas operaciones están ocultas al usuario final. También es eficiente a nivel de energía, ya que no se realizan comprobaciones redundantes de la presencia de otras redes. De esta manera, nuestra propuesta asegura un mejor comportamiento en caso de la existencia de una Red Inalámbrica de Sensores externa, sin realizar operaciones complicadas ni añadiendo más tráfico a la red

slimIoT: Scalable Lightweight Attestation Protocol For the Internet of Things

The Internet of Things (IoT) is increasingly intertwined with critical industrial processes, yet contemporary IoT devices offer limited security features, creating a large new attack surface. Remote attestation is a well-known technique to detect cyber threats by remotely verifying the internal state of a networked embedded device through a trusted entity. Multi-device attestation has received little attention although current single-device approaches show limited scalability in IoT applications. Though recent work has yielded some proposals for scalable attestation, several aspects remain unexplored, and thus more research is required. This paper presents slimIoT, a scalable lightweight attestation protocol that is suitable for all IoT devices. slimIoT depends on an efficient broadcast authentication scheme along with symmetric key cryptography. It is resilient against a strong adversary with physical access to the IoT device. Our protocol is informative in the sense that it identifies the precise status of every device in the network. We implement and evaluate slimIoT considering many factors. On the one hand, our evaluation results show a low overhead in terms of memory footprint and runtime. On the other hand, simulations demonstrate that slimIoT is scalable, robust and highly efficient to be used in static and dynamic networks consisting of thousands of heterogenous IoT devices.Comment: This paper has been accepted at the 2018 IEEE Conference on Dependable and Secure Computing (DSC

Roadmap on structured light

Structured light refers to the generation and application of custom light fields. As the tools and technology to create and detect structured light have evolved, steadily the applications have begun to emerge. This roadmap touches on the key fields within structured light from the perspective of experts in those areas, providing insight into the current state and the challenges their respective fields face. Collectively the roadmap outlines the venerable nature of structured light research and the exciting prospects for the future that are yet to be realized.Peer ReviewedPostprint (published version

Time4: Time for SDN

With the rise of Software Defined Networks (SDN), there is growing interest in dynamic and centralized traffic engineering, where decisions about forwarding paths are taken dynamically from a network-wide perspective. Frequent path reconfiguration can significantly improve the network performance, but should be handled with care, so as to minimize disruptions that may occur during network updates. In this paper we introduce Time4, an approach that uses accurate time to coordinate network updates. Time4 is a powerful tool in softwarized environments, that can be used for various network update scenarios. Specifically, we characterize a set of update scenarios called flow swaps, for which Time4 is the optimal update approach, yielding less packet loss than existing update approaches. We define the lossless flow allocation problem, and formally show that in environments with frequent path allocation, scenarios that require simultaneous changes at multiple network devices are inevitable. We present the design, implementation, and evaluation of a Time4-enabled OpenFlow prototype. The prototype is publicly available as open source. Our work includes an extension to the OpenFlow protocol that has been adopted by the Open Networking Foundation (ONF), and is now included in OpenFlow 1.5. Our experimental results show the significant advantages of Time4 compared to other network update approaches, and demonstrate an SDN use case that is infeasible without Time4.Comment: This report is an extended version of "Software Defined Networks: It's About Time", which was accepted to IEEE INFOCOM 2016. A preliminary version of this report was published in arXiv in May, 201

High Energy Physics Forum for Computational Excellence: Working Group Reports (I. Applications Software II. Software Libraries and Tools III. Systems)

Computing plays an essential role in all aspects of high energy physics. As computational technology evolves rapidly in new directions, and data throughput and volume continue to follow a steep trend-line, it is important for the HEP community to develop an effective response to a series of expected challenges. In order to help shape the desired response, the HEP Forum for Computational Excellence (HEP-FCE) initiated a roadmap planning activity with two key overlapping drivers -- 1) software effectiveness, and 2) infrastructure and expertise advancement. The HEP-FCE formed three working groups, 1) Applications Software, 2) Software Libraries and Tools, and 3) Systems (including systems software), to provide an overview of the current status of HEP computing and to present findings and opportunities for the desired HEP computational roadmap. The final versions of the reports are combined in this document, and are presented along with introductory material.Comment: 72 page